[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW1] Question about web security
[ The following text is in the "iso-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. Some ]
[ characters may be displayed incorrectly. ]
FW-1, v4 on NT, our web server (using IIS4)
is placed on a DMZ. Some of the web server's sites are separated by the
port that they use for HTTP. Some visitors to the site aren't able to
connect to one of the sites that uses port 911 for HTTP. I'm forwarding
our web server administrator's questions to the list for comments. Thanks,
Sandy ......
For various reasons, we are using port 911
on our web server to allow access to a portion of our web site (this is HTTP
traffic -- it mainly contains pdf files that visitors can view/download --
see http://www.psc.state.wi.us/writings/papers/general/ind-comp.htm and
click on any of the pdf icons for example). Visitors attempting to access
that port are having problems, apparently because some firewalls have that
port blocked. In reviewing this file:
http://www.isi.edu/in-notes/iana/assignments/port-numbers, it appears that
this port is a "well-known" port for xact-backup.
My questions are:
1) Is there a port number that can
be used that is not a standard port (80 or 21) and that is typically not
blocked on firewalls? For example, ports 912-988 on the list mentioned
above are unassigned, but might firewalls still block those ports?
2) Are most people leaving port 21
open?
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================