[ale] Port 443

Jonathan Rickman jonathan at xcorps.net
Tue Jun 11 09:24:48 EDT 2002


On Tue, 11 Jun 2002, Terry Lee Tucker wrote:

> I am running a web server, but port 443 is not being forwarded by the firewall to the server. It's just an outdated
> home page. I saw that there was something doing a listen on 443 on the web sever machine and I was just curious.
>

As long as the firewall is blocking it, it's not a big deal. However, it
can be a security risk to have that particular service running in it's
default configuration. Script kiddies can blast away at your web server
with relative impunity, because their "l33t" cracking sessions will be
encrypted and will not be totally visible to a lot of IDS systems. Rule
number 1, if you don't need it...don't run it.

-- 
Jonathan Rickman
X Corps Security
http://www.xcorps.net


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list