[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: using por numbers in selectors
...and what do you do if the Policy says use FTP port - but FTP-data port
is dynamically assigned? Same for HTTP.
Dan Harkins wrote:
> I may regret opening this up again but....
>
> So what are you going to do if you're locally configured for, say,
> "all tcp traffic" or "all IP traffic" and someone gives you an offer
> of "tcp port X"? Refuse it?
>
> Similarly, what do you do if you're configured for "all IP to the
> 10.20.30/24 network" and someone gives you an offer to 10.20.30.87?
> Do you refuse it?
>
> Dan.
>
> On Tue, 22 Jun 1999 10:16:40 PDT you wrote
> > "Steven M. Bellovin" wrote:
> > >
> > > Do any commercial IPSEC implementations use port numbers in their
> > > policy databases? The ones I've looked at this far seem to use only
> > > IP addresses.
> >
> > RedCreek will be supporting ports in an upcoming release.
--
Bronislav Kavsan
IRE Secure Solutions, Inc.
100 Conifer Hill Drive Suite 513
Danvers, MA 01923
voice: 978-739-2384
http://www.ire.com
Follow-Ups:
References: