Customer-facing ACLs

• Previous message (by thread): Customer-facing ACLs
• Next message (by thread): Customer-facing ACLs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 18 Mar 2008, Marshall Eubanks wrote:

>> If it becomes normal for home users to only have 80 and 443, then how can I 
>> innovate and design something that needs a new protocol ?  What happens to 
>> the new voice and video services for example ?
>
> The DOD has already been faced with this (I know of some AFB that have 
> instituted this policy).
>
> The solution, of course, is to hire consultants (SIBR if possible) to port 
> everything to port 80 !

That's been going on for years.  Back when it was common for ISPs to run 
squid servers and transparently proxy to them (probably around 2000), I 
ran into a customer using some sort of aviation data in real time app 
which used port 80 (and wasn't HTTP).  I had to special case traffic to 
that service's IP to get it not to hit squid.  When I asked them why they 
were running a non-HTTP protocol on 80/tcp, the answer was "that gets us 
through most firewalls."

----------------------------------------------------------------------
  Jon Lewis                   |  I route
  Senior Network Engineer     |  therefore you are
  Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________

• Previous message (by thread): Customer-facing ACLs
• Next message (by thread): Customer-facing ACLs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]