Date: Thu, 12 Jul 2012 14:44:48 -0400 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: Peter Vereshagin <peter@vereshagin.org>, Kaya Saman <kayasaman@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Is there a way to run FreeBSD ports through port 80? Message-ID: <44bojk3jkv.fsf@be-well.ilk.org> In-Reply-To: <20120712174139.GA10822@external.screwed.box> (Peter Vereshagin's message of "Thu, 12 Jul 2012 21:41:40 %2B0400") References: <CAPj0R5KJ=0yFcQG5azYfCS73oWLAfJhf4NpAz5Oozo4N-vYQyg@mail.gmail.com> <op.whcd9pee34t2sn@tech304> <CAPj0R5%2Bt4Z-2ZSXNd_%2BvcVxGrdw%2BGi__MUACHdq2PQpX-8NLhg@mail.gmail.com> <44k3y83nib.fsf@be-well.ilk.org> <20120712174139.GA10822@external.screwed.box>
next in thread | previous in thread | raw e-mail | index | archive | help
Peter Vereshagin <peter@vereshagin.org> writes: > 2012/07/12 13:19:56 -0400 Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> => To Kaya Saman : > LG> URLs as well as FTP. For ones that aren't, (and assuming the rather > LG> silly security policies won't allow for an external web-based FTP proxy) > LG> you may need to bring them in by offline media. > > I believe there should be the way of using the passive ftp (and any other > protocol) via the HTTP CONNECT method to the ftp (or any other port needed for > other protocol/app) port and then handling the both control and data > connections through the consequent copmmands and data exhange. You've just described an FTP proxy. That's already been ruled out. > Most surprise for me is why no one is interested about what kind of a danger > the ftp protocol can ever be? i. e. skype is much more vicious in comparison to > ftp and s much harder to be restricted by a packet filter if even possoible. Unfortunately, it's common. Often it's a reaction to the idea that FTP is an insecure protocol -- which is true, in a sense, because authentication information is passed in the clear, but irrelevant to anonymous use. This is silly, yes, but it's fairly popular among the types of "IT" people who think that NAT is a security service. Or possibly Nothing But HTTP is allowed through the firewall (which is, at least, a rational response to not knowing much about TCP/IP). Be well.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44bojk3jkv.fsf>