RE: Locking down workstation

["David Gillett" <gillettdavid () fhda edu>]

  Unfortunately, no.

  While 80 is the normal port number for web servers to listen on,
there are other uses, of varying degrees of legitimacy, that can
use this port instead.  Often, they do it precisely because most
packet-filtering firewalls have to assume that "port 80" means 
"HTTP" and most firewall admins can't block general web access.
  (A few advanced firewall products include the ability to verify
that port 80 traffic really *is* HTTP, but this comes at a 
substantial price premium and probably a performance hit as well.)

David Gillett


> -----Original Message-----
> From: Thomas F Parham [mailto:ParhamT () TWMINC com]
> Sent: June 11, 2003 08:15
> To: 'Jimi Thompson'; Mada Dulate; security-basics () securityfocus com
> Subject: RE: Locking down workstation
>
>
> Hello All,
>
> Simple question:
>
> If a external user is accessing port 80 does this mean he has 
> access to the web server?


---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------