Security Basics mailing list archives

RE: Securing webmail - changing a port necessary to ensure security?

From: "Thiago Lima" <thiagolima () webforce com br>
Date: Thu, 12 Feb 2004 09:02:03 -0300


        Security thru obscurity is never a good solution. Even if you change
the port to 20000, if someone portscan your machine it will find your
webmail.

        And if your webmail have much access from diferent clients at
diferent points you may end up with someone that can't access your webmail
because the administrator of a LAN that your client is connected (and trying
to access the webmail) blocked outgoing traffic to unkown ports.

        Resume: stay with 443, but ensure that all software are updated,
keep some security polices and run a security scaner (like nessus) from time
to time.

Regards
Thiago.

-----Original Message-----
From: Jennifer Fountain [mailto:jfountain () rbinc com] 
Sent: Wednesday, February 11, 2004 1:03 PM
To: security-basics () securityfocus com
Subject: Securing webmail - changing a port necessary to 
ensure security?

I am going back and forth on this one with a consultant on 
this one and need an expert opinion.  So, I turn to you :)  
When configuring webemail (such as owa) that is using https, 
is it better to change the default port (443) to an uncommon 
port (20000)for security reasons?  Does it secure it further 
by doing this?  Wouldn't it cause more issues than anything if 
you try to access that site from inside an org that only 
allows port 80/443 and 21 out?  

Thank you in advance for any opinions you may share.

Kind Regards,

Jennifer Fountain

---------------------------------------------------------------
------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus 
Protection

Protect your network with the comprehensive security solution 
that integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
---------------------------------------------------------------
-------------



---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------

Current thread:

Re: Securing webmail - changing a port necessary to ensure security?, (continued)
- Re: Securing webmail - changing a port necessary to ensure security? Michael Gale (Feb 12)
- Re: Securing webmail - changing a port necessary to ensure security? Pete Hunt (Feb 12)
  - Re: Securing webmail - changing a port necessary to ensure security? Sandro Melo (Feb 13)
- RE: Securing webmail - changing a port necessary to ensure security? Aditya, ALD [Aditya Lalit Deshmukh] (Feb 12)
- RE: Securing webmail - changing a port necessary to ensure security? Joey Peloquin (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? Dedric Ramsey - Ramsey Consulting Svcs (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? Chris (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? AgfTech Lists (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? Miles Stevenson (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? Ansgar -59cobalt- Wiechers (Feb 13)
- RE: Securing webmail - changing a port necessary to ensure security? Thiago Lima (Feb 13)
  - RE: Securing webmail - changing a port necessary to ensure security? Byron Copeland (Feb 16)
- RE: Securing webmail - changing a port necessary to ensure security? Michael Bellears (Feb 12)