Home page logo

basics logo Security Basics mailing list archives

Re: Risk-Port 3270
From: krymson () gmail com
Date: 7 Dec 2007 17:05:17 -0000

If you open port 3270 from my machine to a specific server out on the Internet, I can put whatever I want through that 
connection. Then again, I can do that on port 80 anyway unless you're doing some deeper inspection.

You'll definitely want to allow only that one internal system to connect to only that one external system on that port.

You'll also definitely want to ask what sort of traffic this will include. Is this an application? What service is 
running on the remote system on 3270? Is it encrypted? A request like this (especially when using "financial 
transactions" anywhere near it) should be accompanied by that sort of information at a minimum.

<- snip ->
Recently I got a change request which is to be implemented on the
firewall. The requirement is to allow port 3270 from inside network to
a webserver located in the outside world.
I would like to know the Risk/Threats associated with this change. I
dont know what kind of a data would traverse in this setup but most
likely its going to be something related with financial transactions.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]