Re: Why are developers choosing to...

[Karl Mueller <karl.mueller () asolutions com>]

My experience suggests a couple reasons..
- easier to configure some software to run as a non-privileged user if
you use a high-order port
- easier to run multiple services on a single box, and the migration
through CM never mandates reconfiguring the app to use standard ports,
so the production configuration ends up matching a developer's rig
- default configuration never gets changed

I give my 'use standard ports and protocols for standard network
services so your network security folks don't shudder and hide when they
see you coming' speech fairly often.


On Fri, 2006-01-20 at 11:34, Behm, Jeffrey L. wrote:
> Why are developers choosing to write "web-based" code that runs some
> sort of encryption, typically SSL, across a non-standard port (say
> 10443) and then having those URLs blow up when they try to traverse the
> prudent company's perimeter security...You know..."deny all that is not
> explicitly allowed."
>
> I am seeing more and more "websites" that use a URL such as
> http://register.at.my.site:10443. Why not just use the standard secure
> port 443 from the get go?  Is there something that makes SSL across
> 10443 innately more secure, or is this just the "security by obscurity"
> smoke-and-mirrors trick?
>
> Opinions?
>
> Jeff
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Attachment: signature.asc
Description: This is a digitally signed message part