Date: Thu, 10 Jun 1999 19:19:16 -0700 From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.Org> To: Bill Swingle <unfurl@dub.net> Cc: Nick Rogness <nick@rapidnet.com>, Gregory Carvalho <GregoryC@stcinc.com>, "freebsd-security@FreeBSD.ORG" <freebsd-security@FreeBSD.ORG> Subject: Re: ports and applications Message-ID: <3.0.5.32.19990610191916.0096a6f0@localhost> In-Reply-To: <19990610170151.D843@dub.net> References: <Pine.BSF.4.05.9906101501260.33002-100000@rapidnet.com> <375F7453.77C0F526@stcinc.com> <Pine.BSF.4.05.9906101501260.33002-100000@rapidnet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 05:01 PM 6/10/99 -0700, Bill Swingle wrote: >On Thu, Jun 10, 1999 at 03:07:39PM -0600, Nick Rogness wrote: >> On Thu, 10 Jun 1999, Gregory Carvalho wrote: >> >> > Using ipfw I am allowing port 80 through the wall (could you imagine if >> > I denied the good people of Gotham their web fix). Suppose I deny >> > telnet, but some external server has its telnet server configured for >> > port 80. Is there a method to prevent the telnet session from operating? >> >> Why would anyone run telnet on port 80? >> >> Is this an incoming or outgoing telnet session? I'm assuming >> outoing telnet sessions. The only thing I can think of is running >> the machines through a proxy server. > >Once, while working for a rather fascist employer that denied outgoing >connections on ports 22/23 I set up telnet, then later sshd, on port 80 >on my home machine. They employers couldnt do without their web access >it seems :) I think this is what the original writer is trying to avoid. We're actually running a public CVS server on port 443 (https) so that users behind firewalls can get at our source. It's hard to proxy https, which makes it much better tunneling port than 80 (http). Kurt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.5.32.19990610191916.0096a6f0>