Hi Gary,
IMHO, *any* listening tcp/udp port is a potential security risk. The
malicious programmers out there simply don't care about 'port number
assignments' and the like. (e.g. 'antigen' on port 25, 'blade runner' on
port 21, 'executor' on port 80, etc, etc, etc). Only the decent programmers
follow the 'rules', the creeps never have, and never will. That being said,
I'd wager that port 507 (regardless of it's intended usage) is as equally
susceptible to compromise as any of the other 65,535. It would probably
behoove you to take all the precautionary steps possible to limit access, if
you MUST use the port at all. Better yet would be to see if there's any
possible alternative solutions with stronger security measures incorporated.
After all, it's one more unlocked door on your house.
Cheers!
--Bill Fox
<><><><><><><><><><><><><><><><><><><><><><>
"Ideals are gradually eroded by raw deals"
<><><><><><><><><><><><><><><><><><><><><><>
----- Original Message -----
From: "Lee, Gary" <[EMAIL PROTECTED]>
To: "'Checkpoint FW-1 list'" <[EMAIL PROTECTED]>;
"'GNAC Security List'" <[EMAIL PROTECTED]>
Cc: "Lee, Gary" <[EMAIL PROTECTED]>
Sent: Monday, March 13, 2000 11:30 AM
Subject: port 507
> This is a resend of the original question of 03/08. I've receive 0
> responses.
>
> <<original post>>
>
> Does anyone know what risks are associated with opening tcp and udp port
507
> ("crs") through a firewall?
>
> I've got a web developer that wants to use Site Server (supposedly using
> port 507) to push web site updates from an internal developement web
server
> to production web servers on a secured firewall segment.
>
> TIA!
>
> Gary Lee
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
