Are you implying that certificates to encrypt the traffic are not going to be involved?
-- Espi On Thu, Dec 18, 2014 at 12:53 PM, David McSpadden <[email protected]> wrote: > > Absolutely not encrypted. They are relying on the 443 to make it > private. Cracking me up. > > > -----Original Message----- > From: [email protected] [mailto: > [email protected]] On Behalf Of Kennedy, Jim > Sent: Thursday, December 18, 2014 3:46 PM > To: '[email protected]' > Subject: RE: [NTSysADM] Weird request from a vendor > > You control the source, you control the destination. I would assume it > will be encrypted....verify that. If yes, I don't see the problem. > > -----Original Message----- > From: [email protected] [mailto: > [email protected]] On Behalf Of David McSpadden > Sent: Thursday, December 18, 2014 3:36 PM > To: [email protected] > Subject: RE: [NTSysADM] Weird request from a vendor > > Vendor x wants to send lending information over port 443 to a webserver on > my network that will have a webservice injecting data into a SQL database. > So I ask them if we couldn't just create a vpn tunnel from their server > through my firewall to the webservice running internally. > They reply no just open your firewall and whitelist our address then nat > the traffic to the webservice. > I am a little more than wondering how they get away with this format for > shipping data to financial institutions? > > > -----Original Message----- > From: [email protected] [mailto: > [email protected]] On Behalf Of Kurt Buff > Sent: Thursday, December 18, 2014 3:32 PM > To: [email protected] > Subject: Re: [NTSysADM] Weird request from a vendor > > On Thu, Dec 18, 2014 at 12:26 PM, David McSpadden <[email protected]> wrote: > > You ever heard of someone whitelisting a server on the Internet to > > push data through a firewall on port 443? > > More details needed, but yes, I've put up firewall rules for specific > ports and addresses. Very common. > > Kurt > > > This e-mail and any files transmitted with it are property of Indiana > Members Credit Union, are confidential, and are intended solely for the use > of the individual or entity to whom this e-mail is addressed. If you are > not one of the named recipient(s) or otherwise have reason to believe that > you have received this message in error, please notify the sender and > delete this message immediately from your computer. Any other use, > retention, dissemination, forwarding, printing, or copying of this email is > strictly prohibited. > > Please consider the environment before printing this email. > This e-mail and any files transmitted with it are property of Indiana > Members Credit Union, are confidential, and are intended solely for the use > of the individual or entity to whom this e-mail is addressed. If you are > not one of the named recipient(s) or otherwise have reason to believe that > you have received this message in error, please notify the sender and > delete this message immediately from your computer. Any other use, > retention, dissemination, forwarding, printing, or copying of this email is > strictly prohibited. > > Please consider the environment before printing this email. >
