Security Basics mailing list archives
RE: Securing webmail - changing a port necessary to ensure security?
From: Joey Peloquin <jpelo1 () jcpenney com>
Date: Thu, 12 Feb 2004 09:36:53 -0600
Jennifer,
When configuring webemail (such as owa) that is using https, is it better to change the default port (443) to an uncommon port (20000)for security reasons?
Running a well-known service on an unregistered port may protect you from "script-kiddies" looking only at the results from a range-scan (or not even looking, and simply plugging the results into a tool), but not a determined cracker that is deliberately targeting you. You're still susceptible to banner-grabbing and other enumeration techniques, unless you've taken steps to thwart those as well. IMO, your time is better spent securing the OS the service is running on, and the application or service itself, especially if we're talking about Windows. Joey Peloquin [...]
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. If the reader of this message is not the intended recipient, you are hereby notified that your access is unauthorized, and any review, dissemination, distribution or copying of this message including any attachments is strictly prohibited. If you are not the intended recipient, please contact the sender and delete the material from any computer.
--------------------------------------------------------------------------- Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection Protect your network with the comprehensive security solution that integrates six applications for ease of use and lower TCO. Firewall - Virus protection - Spam protection - URL blocking - VPN - Wireless security. Download 30-day evaluation at: http://www.astaro.com/php/contact/securityfocus.php ----------------------------------------------------------------------------
Current thread:
- Securing webmail - changing a port necessary to ensure security? Jennifer Fountain (Feb 11)
- Re: Securing webmail - changing a port necessary to ensure security? Michael Gale (Feb 12)
- Re: Securing webmail - changing a port necessary to ensure security? Pete Hunt (Feb 12)
- Re: Securing webmail - changing a port necessary to ensure security? Sandro Melo (Feb 13)
- RE: Securing webmail - changing a port necessary to ensure security? Aditya, ALD [Aditya Lalit Deshmukh] (Feb 12)
- RE: Securing webmail - changing a port necessary to ensure security? Joey Peloquin (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? Dedric Ramsey - Ramsey Consulting Svcs (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? Chris (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? AgfTech Lists (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? Miles Stevenson (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? Ansgar -59cobalt- Wiechers (Feb 13)
- RE: Securing webmail - changing a port necessary to ensure security? Thiago Lima (Feb 13)
- RE: Securing webmail - changing a port necessary to ensure security? Byron Copeland (Feb 16)
- <Possible follow-ups>
- RE: Securing webmail - changing a port necessary to ensure security? Michael Bellears (Feb 12)