[ale] Port 443
Jonathan Rickman
jonathan at xcorps.net
Tue Jun 11 09:24:48 EDT 2002
On Tue, 11 Jun 2002, Terry Lee Tucker wrote:
> I am running a web server, but port 443 is not being forwarded by the firewall to the server. It's just an outdated
> home page. I saw that there was something doing a listen on 443 on the web sever machine and I was just curious.
>
As long as the firewall is blocking it, it's not a big deal. However, it
can be a security risk to have that particular service running in it's
default configuration. Script kiddies can blast away at your web server
with relative impunity, because their "l33t" cracking sessions will be
encrypted and will not be totally visible to a lot of IDS systems. Rule
number 1, if you don't need it...don't run it.
--
Jonathan Rickman
X Corps Security
http://www.xcorps.net
---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.
More information about the Ale
mailing list