Multiple ports are often used to provide secondary web access for special
purposes on the same computer as the general port 80. The way to handle
this in a secure manner is to have your firewall proxy the connection.
Since the URL in the HTTP command includes the port number for a
nonstandard connection
http://www.example.com:8004
for example, a firewall or http proxy such as squid, can received this on
port 80 (or another port such as 8080, when client browser is configured
for http proxying), send the request out on correct port from URL, receive
the data and convert to proxy port after scanning it before sending it
back to client. This of course implies a true proxy firewall or cache in
front of firewall, rather than simple stateful inspection, but this is
what should be used in front of desktop clients anyway.
"BY" <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
05/02/02 09:02 AM
Please respond to bysoo
To: <[EMAIL PROTECTED]>
cc:
Subject: http port
Hello all,
Firewall Checkpoint 4.1 with SP8 on NT4.0 SP6a.
I am not a programmer, so I still don't understand why some web
developers/programmers would hard code their web pages using non-80 http
port. On my firewall, I only allow any web sites to go out through port
80. Obviously this is the reason why my users that they can not access
those sites behind the firewall.
I would really appreciate if I hear some comments how you manage those
web sites? Apart from opening those ports on the firewall policy, are
there any other methods ?
Thanks
BY
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
For Account Management (unsubscribe, get/change password, etc) Please go
to:
http://lists.gnac.net/mailman/listinfo/firewalls
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
For Account Management (unsubscribe, get/change password, etc) Please go to:
http://lists.gnac.net/mailman/listinfo/firewalls
