[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Question about web security

To: "Bell, Sandy" <BellS@psc.state.wi.us>
Subject: Re: [FW1] Question about web security
From: jvieira@dmr.com
Date: Tue, 7 Sep 1999 09:14:07 -0400
Cc: "'fw-1-mailinglist@lists.us.checkpoint.com'" <fw-1-mailinglist@lists.us.checkpoint.com>


Usually people assing ports 8000+ when hosting multiple web sites with a single
ip address.  Port 8080 is actually an alternate for http.

Joe





"Bell, Sandy" <BellS@psc.state.wi.us> on 09/07/99 08:56:44 AM

To:   "'fw-1-mailinglist@lists.us.checkpoint.com'"
      <fw-1-mailinglist@lists.us.checkpoint.com>
cc:    (bcc: Joseph Vieira/DMR/CA)
Subject:  [FW1] Question about web security





                    FW-1, v4 on NT, our web server (using IIS4)
is placed on a DMZ.   Some of the web server's sites are separated by the
port that they use for HTTP.   Some visitors to the site aren't able to
connect to one of the sites that uses port 911 for HTTP.   I'm forwarding
our web server administrator's questions to the list for comments.  Thanks,
Sandy    ......
                    For various reasons, we are using port 911
on our web server to allow access to a portion of our web site (this is HTTP
traffic -- it mainly contains pdf files that visitors can view/download --
see http://www.psc.state.wi.us/writings/papers/general/ind-comp.htm and
click on any of the pdf icons for example).  Visitors attempting to access
that port are having problems, apparently because some firewalls have that
port blocked.  In reviewing this file:
http://www.isi.edu/in-notes/iana/assignments/port-numbers, it appears that
this port is a "well-known" port for xact-backup.
                    My questions are:
                         1) Is there a port number that can
be used that is not a standard port (80 or 21) and that is typically not
blocked on firewalls?  For example, ports 912-988 on the list mentioned
above are unassigned, but might firewalls still block those ports?
                         2) Are most people leaving port 21
open?




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================






================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] Traceroute and NAT
Next by Date: [FW1] [FW-1] MDQ.LOG
Prev by thread: [FW1] Question about web security
Next by thread: [FW1] [FW-1] MDQ.LOG
Index(es):
- Date
- Thread