Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Securing webmail - changing a port necessary to ensure securi ty?

From: "Barrett, Will" <Will.Barrett () trippak com>
Date: Thu, 12 Feb 2004 10:23:21 -0700
I've set this up for a couple of companies and consulted for a few more that
had it, and my experience has been that there is no real benefit to changing
to an uncommon port, and in cases where they did, it was more of an
inconvenience for offsite employees.  But judging from your question, I
think you already knew that.
If you do want to add security to it, put it behind a VPN connection.  And
get a consultant that knows that security through obscurity isn't.

-WTB 


-----Original Message-----
From: Jennifer Fountain [mailto:jfountain () rbinc com] 
Sent: Wednesday, February 11, 2004 9:03 AM
To: security-basics () securityfocus com
Subject: Securing webmail - changing a port necessary to 
ensure security?


I am going back and forth on this one with a consultant on 
this one and need an expert opinion.  So, I turn to you :)  
When configuring webemail (such as owa) that is using https, 
is it better to change the default port (443) to an uncommon 
port (20000)for security reasons?  Does it secure it further 
by doing this?  Wouldn't it cause more issues than anything 
if you try to access that site from inside an org that only 
allows port 80/443 and 21 out?  

Thank you in advance for any opinions you may share.

Kind Regards,

Jennifer Fountain

--------------------------------------------------------------
-------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus 
Protection

Protect your network with the comprehensive security solution 
that integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at: 
http://www.astaro.com/php/contact/securityfocu> s.php


--------------------------------------------------------------
--------------



---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: