Hm, I believe there is a new version of DCOM that works through port 80 if
you have a packet filtering firewall. From what I've heard it breaks if you
have a real application gateway firewall. We've put our foot down and
refuse to put up with some of the grotesque combinations of various software
vendors out there. We had one vendor who wanted to run ftp on port 999,
telnet on port 55000, smtp on port 888 and http on port 2 (or something like
that, I don't remember the exact port combinations)! Why? Supposedly it
was a security precaution, yeah something that would be exposed in 5 seconds
with strobe or within a minute with a packet sniffer. We had one vendor who
insisted that he be able to run telnet on port 21 (ftp). Why do they do
this? Frankly I don't know because with these kinds of stupidities they are
putting themselves at a competitive disadvantage.
> -----Original Message-----
> From: Mike Batchelor [SMTP:[EMAIL PROTECTED]]
> Sent: Monday, May 24, 1999 2:31 PM
> To: Magowan, Richard M. (ITS); [EMAIL PROTECTED]
> Subject: RE: DCOM on Gauntlet
>
> You may wish to remind your application folks, that if they cannot get
> this
> DCOM application to work behind their own firewall, then it's highly
> likely
> that other visitors will have the same troubles behind *their* company
> firewall.
>
> Or do they only care about visitors who dialup directly to an ISP? If so,
> then some dialup lines would be appropriate for your application people to
> use
> to test their DCOM application. That solves the immediate problem, and
> has
> the added benefit that your application people won't overload the new web
> site
> with useless graphics. :)
>
> DCOM is what Microsoft and Digital (before they became Compaq) were
> touting as
> a competitor to CORBA and IIOP. Or something like that.
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of Magowan, Richard M.
> > (ITS)
> > Sent: Friday, May 21, 1999 6:34 AM
> > To: '[EMAIL PROTECTED]'
> > Subject: DCOM on Gauntlet
> >
> >
> > Hi Folks,
> >
> > One of my user departments is developing an application that uses
> facilities
> > at a site www.claimcard.com <http://www.claimcard.com> . The application
> > apparently uses DCOM. The application will not work through my Gauntlet
> > firewall (which I can't play with, it's managed). Claimcard tells me I
> have
> > to implement DCOM on gauntlet. I realize Gauntlet is a proxy style
> firewall
> > and that DCOM may have to be proxied. Is DCOM related to Active X? Is
> there
> > a DCOM proxy for Gauntlet?
> > We ran some traces, first using a dial-up internet connection to the
> > claimcard site which worked fine, then traced the activity through
> Gauntlet.
> > The good trace shows an HTTP "GET" command with two fields
> > "If-Modified-Since:" and "If-None-Match:" which are not present in the
> bad
> > trace. I have no clue what all this means. The applications folks came
> to me
> > and said "you have to change your firewall". Well, as you may guess this
> is
> > not gonna happen. Can anyone out there give me some hints as to what
> might
> > be going on and maybe some suggestions to pass along to my ISP to see if
> > they can get this thing to work. Any comments are appreciated.
> >
> > Thanks.
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
> >
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
*****************************************************************************
The information in this email is confidential and may be legally privileged.
It is intended solely for the addressee. Access to this email by anyone else
is unauthorized.
If you are not the intended recipient, any disclosure, copying, distribution
or any action taken or omitted to be taken in reliance on it, is prohibited
and may be unlawful. When addressed to our clients any opinions or advice
contained in this email are subject to the terms and conditions expressed in
the governing KPMG client engagement letter.
*****************************************************************************
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
