[ale] Port 443

Jonathan Rickman jonathan at xcorps.net
Tue Jun 11 09:48:50 EDT 2002


On Tue, 11 Jun 2002, Geoffrey wrote:

> Jonathan Rickman wrote:
> > On Tue, 11 Jun 2002, Terry Lee Tucker wrote:
> >
> >
> >>I am running a web server, but port 443 is not being forwarded by the firewall to the server. It's just an outdated
> >>home page. I saw that there was something doing a listen on 443 on the web server machine and I was just curious.
> >>
> >>
> >
> > As long as the firewall is blocking it, it's not a big deal. However, it
> > can be a security risk to have that particular service running in its
> > default configuration. Script kiddies can blast away at your web server
> > with relative impunity, because their "l33t" cracking sessions will be
> > encrypted and will not be totally visible to a lot of IDS systems. Rule
> > number 1, if you don't need it...don't run it.
>
> Do you have any suggestions as to how to provide the service securely?

If you need it, run it. There are IDS systems that can decode SSL. Snort
is one. There's really no way to provide ANY www service securely.
Situational awareness is the key. Read logs, patch software, and pay
attention to the IDS.

-- 
Jonathan Rickman
X Corps Security
http://www.xcorps.net


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.





