Yes there is always that possibility. But its more generic, such as a buffer overflow or security flaw with https or RPC
https is just a method of encryption. Having the port(s) open to the world to access opens you up to any https/http security flaw Using ISA server to proxy the connection can give you some added security. Requiring some form of authentication on your firewall before the port(s) are open to your remote device provides another level of protection. For example: if your using checkpoint firewall-1 you can use your secureremote software to provide that authentication and encryption from your remote device to the firewall. This also removes the need for (and cost of) https and just use http. We do this for Handheld devices and activesync. Some links here may be of further interest to you http://www.google.co.nz/search?hl=en&q=rpc+over+https+security&meta= HTH Dean C -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dandy, Jim Sent: Tuesday, 30 January 2007 18:52 To: Exchange Discussions Subject: RPC over HTTPS security I guess one of the things I'm asking is, is there some possibility of tunneling in through HTTPS and using RPCs to do something malicious rather than the expected mail communications? Thanks for all your discussion. Curt _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. ********************************************************************** Have you clicked on yet? www.nrc.govt.nz ********************************************************************** NORTHLAND REGIONAL COUNCIL This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify [EMAIL PROTECTED] ********************************************************************** _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with.
