> Are there multiple TCP ports involved? I haven't found this mentioned
> anywhere (maybe I overlooked the obvious).

That's my understanding. We don't have a single port for SSL, instead running "blah-over-SSL"; BEEP is the same.

> > HTTP opens a security hole in a firewall, even with a proxy
> > server. I have successfully run IP tunnels over HTTP through
> > a proxy using off-the-shelf software. This is a red herring, IMO.
>
> This is exactly my concern! And I don't see it is addressed in the
> syslog RFC series...

I'm not aware of any IETF protocols that address this problem, which is my (subtle :-) point. I'm of the opinion that defending against these attacks is beyond the scope of the individual IETF working groups (and is, in some cases, impossible :-).

--
Harald Koch <[EMAIL PROTECTED]>
