Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Why are developers choosing to...

From: Darren Reed <darrenr () reed wattle id au>
Date: Sat, 21 Jan 2006 08:04:07 +1100 (EST)

Why are developers choosing to write "web-based" code that runs some
sort of encryption, typically SSL, across a non-standard port (say
10443) and then having those URLs blow up when they try to traverse the
prudent company's perimeter security...You know..."deny all that is not
explicitly allowed."

I am seeing more and more "websites" that use a URL such as
http://register.at.my.site:10443. Why not just use the standard secure
port 443 from the get go?  Is there something that makes SSL across
10443 innately more secure, or is this just the "security by obscurity"
smoke-and-mirrors trick?


Well, you don't have to run the web server software as root, if it is
running on Unix system, to use port 10443.

Darren
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: