[e2e] What if there were no well known numbers?
Christian Huitema
huitema at windows.microsoft.com
Wed Aug 2 21:18:47 PDT 2006
> In fact, blocking ports achieves no security to speak of. But you'd
> be threatening to expose the Emperor's nakedness with this proposal.

Blocking ports is a "black list" approach, i.e. mark something as
dangerous, and then block it. Many edge firewalls follow a "white list"
approach, i.e. mark something as innocuous and then allow it. In that
case, being able to quickly identify the application actually enhances
connectivity.

Of course, I am well aware of the games that can be played, e.g. running
HTTP on some random port number, or running some random application on
port 80...

-- Christian Huitema