Is there anything else you want to say about this that you already haven't up-front? Just saying port 443 implies that you are referring to HTTPS which also implies encrypted traffic - which is normal for a type of securely transmitted data.
If these guys think that just because its on port 443, that automagically makes it secure, well then thats something completely different - and completely stupid. But to you initial question of "You ever heard of someone whitelisting a server on the Internet to push data through a firewall on port 443", yea - thats normal in the context assumed above. Perhaps you should go back to the vendor and go over the exact details of your concerns items-by-item. -- Espi On Thu, Dec 18, 2014 at 1:02 PM, David McSpadden <[email protected]> wrote: > > I am. > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Micheal Espinola Jr > *Sent:* Thursday, December 18, 2014 3:59 PM > *To:* ntsysadm > > *Subject:* Re: [NTSysADM] Weird request from a vendor > > > > Are you implying that certificates to encrypt the traffic are not going to > be involved? > > > -- > Espi > > > > > > On Thu, Dec 18, 2014 at 12:53 PM, David McSpadden <[email protected]> wrote: > > Absolutely not encrypted. They are relying on the 443 to make it > private. Cracking me up. > > > > -----Original Message----- > From: [email protected] [mailto: > [email protected]] On Behalf Of Kennedy, Jim > Sent: Thursday, December 18, 2014 3:46 PM > To: '[email protected]' > Subject: RE: [NTSysADM] Weird request from a vendor > > You control the source, you control the destination. I would assume it > will be encrypted....verify that. If yes, I don't see the problem. > > -----Original Message----- > From: [email protected] [mailto: > [email protected]] On Behalf Of David McSpadden > Sent: Thursday, December 18, 2014 3:36 PM > To: [email protected] > Subject: RE: [NTSysADM] Weird request from a vendor > > Vendor x wants to send lending information over port 443 to a webserver on > my network that will have a webservice injecting data into a SQL database. > So I ask them if we couldn't just create a vpn tunnel from their server > through my firewall to the webservice running internally. > They reply no just open your firewall and whitelist our address then nat > the traffic to the webservice. > I am a little more than wondering how they get away with this format for > shipping data to financial institutions? > > > -----Original Message----- > From: [email protected] [mailto: > [email protected]] On Behalf Of Kurt Buff > Sent: Thursday, December 18, 2014 3:32 PM > To: [email protected] > Subject: Re: [NTSysADM] Weird request from a vendor > > On Thu, Dec 18, 2014 at 12:26 PM, David McSpadden <[email protected]> wrote: > > You ever heard of someone whitelisting a server on the Internet to > > push data through a firewall on port 443? > > More details needed, but yes, I've put up firewall rules for specific > ports and addresses. Very common. > > Kurt > > > This e-mail and any files transmitted with it are property of Indiana > Members Credit Union, are confidential, and are intended solely for the use > of the individual or entity to whom this e-mail is addressed. If you are > not one of the named recipient(s) or otherwise have reason to believe that > you have received this message in error, please notify the sender and > delete this message immediately from your computer. Any other use, > retention, dissemination, forwarding, printing, or copying of this email is > strictly prohibited. > > Please consider the environment before printing this email. > This e-mail and any files transmitted with it are property of Indiana > Members Credit Union, are confidential, and are intended solely for the use > of the individual or entity to whom this e-mail is addressed. If you are > not one of the named recipient(s) or otherwise have reason to believe that > you have received this message in error, please notify the sender and > delete this message immediately from your computer. Any other use, > retention, dissemination, forwarding, printing, or copying of this email is > strictly prohibited. > > Please consider the environment before printing this email. > > This e-mail and any files transmitted with it are property of Indiana > Members Credit Union, are confidential, and are intended solely for the use > of the individual or entity to whom this e-mail is addressed. If you are > not one of the named recipient(s) or otherwise have reason to believe that > you have received this message in error, please notify the sender and > delete this message immediately from your computer. Any other use, > retention, dissemination, forwarding, printing, or copying of this email is > strictly prohibited. > > Please consider the environment before printing this email. >
