This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ripe-atlas@ripe.net/
[atlas] Probe cannot connect from behind IDS/IPS with HTTPS inspection
- Previous message (by thread): [atlas] Probe cannot connect from behind IDS/IPS with HTTPS inspection
- Next message (by thread): [atlas] a thought about public probe page...
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Daniel Karrenberg
daniel at karrenberg.net
Wed May 21 18:10:40 CEST 2014
On 21.05.14 16:58 , Philip Homburg wrote: > ... > > I'm curious what this firewall is trying to do. If it allows > unrestricted outbound connectivity over ssh, but not ssh on port 443. > What is that rule trying to protect? That is all an interesting discussion but not all that useful. Our decision to use 443 comes from our experience/expectation that 443 is more permeable than 22. However the protocol we are running "belongs" on 22 and it is somewhat silly to not use that port when it is in fact usable. So I think it is a reasonable request to use 22 when available. Again: the relative priority of this is another question that depends on the number of cases where 22 works and 443 does not. Currently I would not expect this to happen often. But that may change as middle box silliness increases. So I suggest again to put it on the list of requests with low priority. Daniel
- Previous message (by thread): [atlas] Probe cannot connect from behind IDS/IPS with HTTPS inspection
- Next message (by thread): [atlas] a thought about public probe page...
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]