Security Basics: RE: Securing webmail - changing a port necessary to ensure security?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Basics mailing list archives

RE: Securing webmail - changing a port necessary to ensure security?

From: "Aditya, ALD [Aditya Lalit Deshmukh]" <aditya.deshmukh () online gateway technolabs net>
Date: Thu, 12 Feb 2004 23:29:14 +0530

-----Original Message-----
From: Jennifer Fountain [mailto:jfountain () rbinc com]
Sent: Wednesday, February 11, 2004 9:33 PM
To: security-basics () securityfocus com
Subject: Securing webmail - changing a port necessary to ensure
security?

I am going back and forth on this one with a consultant on this one and
need an expert opinion.  So, I turn to you :)  When configuring webemail
(such as owa) that is using https, is it better to change the default
port (443) to an uncommon port (20000)for security reasons?  Does it
secure it further by doing this?


that would be security thru obscurity, will add one more layer of secure but it would be very easy to break this one 

doing someing as nmap scan would reveal this

Wouldn't it cause more issues than
anything if you try to access that site from inside an org that only
allows port 80/443 and 21 out?


none that i would think of.

Thank you in advance for any opinions you may share.

Kind Regards,

Jennifer Fountain

------------------------------------------------------------------
---------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
------------------------------------------------------------------
----------



________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)

---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------

By Date By Thread

Current thread:

Securing webmail - changing a port necessary to ensure security? Jennifer Fountain (Feb 11)
- Re: Securing webmail - changing a port necessary to ensure security? Michael Gale (Feb 12)
- Re: Securing webmail - changing a port necessary to ensure security? Pete Hunt (Feb 12)
  - Re: Securing webmail - changing a port necessary to ensure security? Sandro Melo (Feb 13)
- RE: Securing webmail - changing a port necessary to ensure security? Aditya, ALD [Aditya Lalit Deshmukh] (Feb 12)
- RE: Securing webmail - changing a port necessary to ensure security? Joey Peloquin (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? Dedric Ramsey - Ramsey Consulting Svcs (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? Chris (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? AgfTech Lists (Feb 13)
- Re: Securing webmail - changing a port necessary to ensure security? Miles Stevenson (Feb 13)