On Tue, 26 Oct 1999 GibsonBat_private wrote: > What do you mean by safely? So as not to conflict with existing > applications or ports that are less likely to allow breaches into the > machine or network? > > If it's the former, there is an RFC that list all the well known ports. RFC1700 had been superceded by a Web site available at: http://www.iana.org/numbers.html (IANA is mirrored at http://iana.netnod.se in case the primary is down or you're on that side of the Atlantic) under "Port Numbers." > There are LOT of services so perhaps you might want to think about what > services you might want to use and avoid their ports. > > If it's the latter then you should use unprivileged ports(ports over 1024). Unfortunately, this is no longer true given things like NetBIOS, and actually it's never been really true give things like X, NFS... > The bigger question is why would you want to run applications on your > firewall? This is a VERY BAD IDEA. That was (hopefully) just miscommunication. IMNSHO, proxy servers mitigate the risk more than opening ports on a filter, but tunneling is still possible with a proxy. > begin 600 winmail.dat Ick, can you fix this, it makes your messages significantly bigger than they need be. Thanks, Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions probertsat_private which may have no basis whatsoever in fact." PSB#9280
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:45:33 PDT