I at least have the minimal protection afforded by enforcing well-formed URIs - and a few other goodies it does.
Poking an arbitrary TCP hole in the firewall doesn't even give me that. On Wed, Dec 9, 2009 at 07:18, Ken Schaefer <[email protected]> wrote: > How do you even know that the protocol sitting on top of port 80/443 is > understandable by your proxy? It's just arbitrary data encapsulated in a HTTP > (or maybe even not) payload > > If I send a POST request, how does your proxy even know how to decode the > POST payload? > > Cheers > Ken > > -----Original Message----- > From: Kurt Buff [mailto:[email protected]] > Sent: Wednesday, 9 December 2009 11:12 PM > To: NT System Admin Issues > Subject: Re: A new challenge for me... > > At least I can proxy 80/443, and my firewall understands http(s) - I love my > Sidewinder. > > On Wed, Dec 9, 2009 at 07:06, Ken Schaefer <[email protected]> wrote: >> With that attitude, no wonder every single product now uses the "universal >> firewall bypass" port to conduct it's business. >> >> Cheers >> Ken >> >> -----Original Message----- >> From: Kurt Buff [mailto:[email protected]] >> Sent: Wednesday, 9 December 2009 11:03 PM >> To: NT System Admin Issues >> Subject: Re: A new challenge for me... >> >> And that's two ports too many. >> >> On Wed, Dec 9, 2009 at 04:25, Jon Harris <[email protected]> wrote: >>> I did not have that many open for the installation I had to manage. >>> I think I had a total of 4 ports open and 2 of those 80 and 443 had >>> to be open anyway. >>> >>> Jon > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
