Firewalls: RE: Firewalls: www & high port numbers

Firewalls
(October 1997)

Indexed By Thread: [Previous] [Next]

Subject:	RE: Firewalls: www & high port numbers
From:	"Stackpole, Bill" <BSTACKPO @ sla . com>
Date:	Thu, 16 Oct 1997 08:15:25 -0700
To:	"'Doug Bridgens'" <Doug . Bridgens @ 3Dlabs . com>, "'firewalls @ greatcircle . com'" <firewalls @ greatcircle . com>

Some routers and firewalls allow you to filter on "established"
connections.  This feature allows any inbound packets to pass through if
the connection was established internally (outbound) and will overcome
this particular problem.  However, it may create other security
problems.  I would like to hear from some others about the pit falls of
using this mechanism.  

> -----Original Message-----
> From:	Doug Bridgens [SMTP:Doug .
 Bridgens @
 3Dlabs .
 com]
> Sent:	Thursday, October 16, 1997 1:43 AM
> To:	'firewalls @
 greatcircle .
 com'
> Subject:	Firewalls: www & high port numbers
> 
> Hi,
>   When browsing the WWW lots of site offer downloadable software.
> When
> you click on the link to the download you are shoved to a new page at
> a
> high port number (eg. 34200).   When ever a browser tries to go to
> download something it just hangs because the firewall is stopping its
> communication throught the high port number.   Can anyone tell me what
> should be doneto allow downloading software from the web but not open
> up
> every port?
> 
> Thanks
> Doug

Follow-Ups:

RE: Firewalls: www & high port numbers
From: Steve Kruse <jsk347 @ worldnet . att . net>

Indexed By Date	Previous:	RE: Firewalls: Exchange mail proxy in DMZ. From: "Stackpole, Bill" <BSTACKPO @ sla . com>
Indexed By Date	Next:	Re: Firewalls-Digest V6 #489 From: tcooper @ hns . com
Indexed By Thread	Previous:	Re: Firewalls: www & high port numbers From: Leonard Miyata <leonard @ geminisecure . com>
Indexed By Thread	Next:	RE: Firewalls: www & high port numbers From: Steve Kruse <jsk347 @ worldnet . att . net>