Security Basics mailing list archives
RE: Protocol enforcement
From: "Steve Armstrong" <stevearmstrong () logicallysecure com>
Date: Sun, 8 Mar 2009 12:50:51 -0000
It depends upon the service, where it is from and where it is going to. If it is an 'any internal' to 'any external' you would be accepting a higher risk than from a single desktop to a identified server on the internet/less secure LAN. What's the service? Skype? (LOL) And are you sure it is only one outbound port? Steve Armstrong Logically Secure -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of myauthoritah () gmail com Sent: 06 March 2009 17:42 To: security-basics () securityfocus com Subject: Protocol enforement I have an environment where Checkpoint Smart Defense is causing problems with SSL web traffic. The specific SSL traffic does not appear to be RFC compliant (big surprise). Protocol enforcement of 443 is problem. How much risk would I be accepting by shutting down the protocol enforcement on the Checkpoint. Googling did very little to help. Security is getting in the way of availability. VR, Slinger The information contained in this e-Mail and any subsequent correspondence is private and is intended solely for the intended recipient(s). The information in this communication may be confidential and/or legally privileged. Nothing in this e-mail is intended to conclude a contract on behalf of Logically Secure Ltd or make Logically Secure Ltd subject to any other legally binding commitments, unless the e-mail contains an express statement to the contrary or incorporates a formal Purchase Order. For persons other than the intended recipient any disclosure, copying, distribution, or any action taken or omitted to be taken in reliance on such information is prohibited and may be unlawful. Registered in England and Wales No: 05967368. Registered Office: 36 Tudor Road, Lincoln, LN6 3LL.
Attachment:
smime.p7s
Description:
Current thread:
- Protocol enforement myauthoritah (Mar 06)
- Re: Protocol enforement Vivek P (Mar 09)
- RE: Protocol enforcement Steve Armstrong (Mar 09)
- Re: Protocol enforement Javier Reyna (Mar 10)
- Re: Protocol enforement private private (Mar 11)