Re: Why are developers choosing to...

["Keith A. Glass" <salgak () speakeasy net>]

> -----Original Message-----
> From: Behm, Jeffrey L. [mailto:BehmJL () bvsg com]
> Sent: Friday, January 20, 2006 05:34 PM
> To: firewall-wizards () honor icsalabs com
> Subject: [fw-wiz] Why are developers choosing to...

> Why are developers choosing to write "web-based" code that runs some
> sort of encryption, typically SSL, across a non-standard port (say
> 10443) and then having those URLs blow up when they try to traverse the
> prudent company's perimeter security...You know..."deny all that is not
> explicitly allowed."
>
> I am seeing more and more "websites" that use a URL such as
> http://register.at.my.site:10443. Why not just use the standard secure
> port 443 from the get go?  Is there something that makes SSL across
> 10443 innately more secure, or is this just the "security by obscurity"
> smoke-and-mirrors trick?

Obviously "security by obscurity".  The ONLY reason I can see for non-standard ports are multiple SEPARATE applications 
using the same URL: we pulled that trick, back in the dotcom days, when I worked for Virtual Compliance (now defunct).  
But domains are cheap enough these days to not need that trick. . .


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards