On Monday, February 9, 2004, 15:42:22, Marc A. Funaro wrote:
> We have a client that deals with a state agency that is demanding
> access to their server on port 500 (source and destination, UDP
> Protocol) for ISAKMP, and IPSEC (ESP Protocol). Are any of you gurus
> aware of any known problems or security issues with these ports?

Specific port numbers are irrelevant, it all depends on what's listening on those ports. Presumably the intent is to set up an IPSec tunnel between the state agency and your client. How secure the tunnel is depends on the software used and the strength of the keys.

A more interesting question is what traffic do they want to pass down the tunnel? I would advise them to treat the tunnel the same as they treat the Internet, i.e. be paranoid and block everything that isn't explicitly needed.

A tunnel simply means you are reasonably sure that no one can peek at what you're sending and you know who's at the far end. It doesn't guarantee their machines haven't been hijacked and are trying to infest whatever they can connect to.

--
Rod Dorman [EMAIL PROTECTED]
"The avalanche has already started, it is too late for the pebbles to vote." - Ambassador Kosh
