I am. From: [email protected] [mailto:[email protected]] On Behalf Of Micheal Espinola Jr Sent: Thursday, December 18, 2014 3:59 PM To: ntsysadm Subject: Re: [NTSysADM] Weird request from a vendor
Are you implying that certificates to encrypt the traffic are not going to be involved? -- Espi On Thu, Dec 18, 2014 at 12:53 PM, David McSpadden <[email protected]<mailto:[email protected]>> wrote: Absolutely not encrypted. They are relying on the 443 to make it private. Cracking me up. -----Original Message----- From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Kennedy, Jim Sent: Thursday, December 18, 2014 3:46 PM To: '[email protected]<mailto:[email protected]>' Subject: RE: [NTSysADM] Weird request from a vendor You control the source, you control the destination. I would assume it will be encrypted....verify that. If yes, I don't see the problem. -----Original Message----- From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of David McSpadden Sent: Thursday, December 18, 2014 3:36 PM To: [email protected]<mailto:[email protected]> Subject: RE: [NTSysADM] Weird request from a vendor Vendor x wants to send lending information over port 443 to a webserver on my network that will have a webservice injecting data into a SQL database. So I ask them if we couldn't just create a vpn tunnel from their server through my firewall to the webservice running internally. They reply no just open your firewall and whitelist our address then nat the traffic to the webservice. I am a little more than wondering how they get away with this format for shipping data to financial institutions? -----Original Message----- From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Kurt Buff Sent: Thursday, December 18, 2014 3:32 PM To: [email protected]<mailto:[email protected]> Subject: Re: [NTSysADM] Weird request from a vendor On Thu, Dec 18, 2014 at 12:26 PM, David McSpadden <[email protected]<mailto:[email protected]>> wrote: > You ever heard of someone whitelisting a server on the Internet to > push data through a firewall on port 443? More details needed, but yes, I've put up firewall rules for specific ports and addresses. Very common. Kurt This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email. This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email. This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email.
