On Mon, 30 Jan 2006, Frank Sweetser wrote:

> Actually, that only covers the firewall running on the local machine.  Far,
> *far* more problematic are external firewalls running on routers, typically in
> a completely different sphere of control than the machine running AG.  These
> tend to be run by people who respond to a request of "Could you please open up
> these 5,000 ports to all addresses?" with derisive laughter.  Dealing with
> these external firewalls becomes much easier when the AG is restricted to a
> small, tightly defined set of ports.

I'd look at this as yet another symptom of a network nazi.  If it's stopping
you doing something useful, they're the ones that need to get a grip.  If AG
used 1 port rather than 5000, would it actually be more secure?

jh

-- 
"Madam, if it is possible, it is done; impossible?  It will be done."
                                               -- Charles Alexandre de Calonne
