Security Basics mailing list archives

Re: Securing webmail - changing a port necessary to ensure security?

From: AgfTech Lists <lists () agftech com>
Date: 12 Feb 2004 02:00:39 -0600


You have partially answered your own question... I will add some
comments...
Many org's have such firewall / proxy settings... they do run into these
kind of issues because there are some people who would use the uncommon
ports but then they have to deal with them, if they have information, by
modifying there rulesets for those domains which is a waste.

Moreover if you can't convey each of the users about these settings 
(which would be true if you have MANY users), all you get is complaint
calls and users dropping out of your service because they do not have
this problem accessing the other webmail provider's service.

HTH

Aman


On Wed, 2004-02-11 at 10:02, Jennifer Fountain wrote:

I am going back and forth on this one with a consultant on this one and
need an expert opinion.  So, I turn to you :)  When configuring webemail
(such as owa) that is using https, is it better to change the default
port (443) to an uncommon port (20000)for security reasons?  Does it
secure it further by doing this?  Wouldn't it cause more issues than
anything if you try to access that site from inside an org that only
allows port 80/443 and 21 out?  

Thank you in advance for any opinions you may share.

Kind Regards,

Jennifer Fountain

---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------


______________________
Aman Raheja
AGF Technologies
http://www.agftech.com
______________________


---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------

Current thread:

Securing webmail - changing a port necessary to ensure security? Jennifer Fountain (Feb 11)
- Re: Securing webmail - changing a port necessary to ensure security? Michael Gale (Feb 12)
- Re: Securing webmail - changing a port necessary to ensure security? Pete Hunt (Feb 12)
  - Re: Securing webmail - changing a port necessary to ensure security? Sandro Melo (Feb 13)
- RE: Securing webmail - changing a port necessary to ensure security? Aditya, ALD [Aditya Lalit Deshmukh] (Feb 12)
- RE: Securing webmail - changing a port necessary to ensure security? Joey Peloquin (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? Dedric Ramsey - Ramsey Consulting Svcs (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? Chris (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? AgfTech Lists (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? Miles Stevenson (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? Ansgar -59cobalt- Wiechers (Feb 13)
- RE: Securing webmail - changing a port necessary to ensure security? Thiago Lima (Feb 13)
  - RE: Securing webmail - changing a port necessary to ensure security? Byron Copeland (Feb 16)
- <Possible follow-ups>
- RE: Securing webmail - changing a port necessary to ensure security? Michael Bellears (Feb 12)