[Sidewinder] Sidewinder Digest, Vol 47, Issue 7
Sidewinder moderated discussion list
sidewinder at adeptech.com
Fri Dec 12 12:58:08 EST 2008
Yes, I went thru and discovered that it really only can block SOAP.
We have a application that uses port 443 and they claim SOAP is the
protocol, it is being blocked as a protocol violation.
I read that SOAP can tunnel on HTTP or thru HTTPS, I must assume this
application is failing because it is not doing either correctly.
Log snipit:
category: protocol_violation event: Not HTTP or SSL
reason: Not valid HTTP or SSL negotiation: SSL V2
Gerald Mundy
Lead IT Specialist (Security)
U.S. Department of State
IRM/OPS/MSO/EML
202-647-6801
E.O. 12958: N/A
-----Original Message-----
From: sidewinder-bounces at adeptech.com
[mailto:sidewinder-bounces at adeptech.com] On Behalf Of
sidewinder-request at adeptech.com
Sent: Friday, December 12, 2008 12:00 PM
To: sidewinder at adeptech.com
Subject: Sidewinder Digest, Vol 47, Issue 7
Send Sidewinder mailing list submissions to
sidewinder at adeptech.com
To subscribe or unsubscribe via the World Wide Web, visit
http://mail.adeptech.com/mailman/listinfo/sidewinder
or, via email, send a message with subject or body 'help' to
sidewinder-request at adeptech.com
You can reach the person managing the list at
sidewinder-owner at adeptech.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Sidewinder digest..."
Today's Topics:
1. Re: SOAP controlls thru Secure Firewall
(Sidewinder moderated discussion list)
----------------------------------------------------------------------
Message: 1
Date: Thu, 11 Dec 2008 12:24:06 -0500
From: Sidewinder moderated discussion list <sidewinder at adeptech.com>
Subject: Re: [Sidewinder] SOAP controlls thru Secure Firewall
To: <sidewinder at adeptech.com>
Message-ID:
<596FEB6BBA832B4B84367DFBF70549AF6C885F at dor-exchange-a.dorfsmain.ad.dor>
Content-Type: text/plain; charset="us-ascii"
I'm not aware that it can do anything above and beyond what's in the
HTTP/HTTPS Application Defenses. Namely, check HTTP methods, the request
and reply headers, etc., but I could be wrong.
What are you trying to accomplish?
Cheers,
James Sheehy, CISSP
Mass. Dept. of Revenue
Chelsea, MA, USA
> -----Original Message-----
> From: sidewinder-bounces at adeptech.com
> [mailto:sidewinder-bounces at adeptech.com] On Behalf Of
> Sidewinder moderated discussion list
> Sent: Thursday, December 11, 2008 9:57 AM
> To: sidewinder at adeptech.com
> Subject: [Sidewinder] SOAP controlls thru Secure Firewall
>
> Anyone have references for what SC can do with SOAP native,
> SOAP over HTTP, SOAP over 443, etc?
>
> Gerald Mundy
> Lead IT Specialist (Security)
> U.S. Department of State
> IRM/OPS/MSO/EML
> 202-647-6801
> E.O. 12958: N/A
>
> _______________________________________________
> Sidewinder mailing list
> Sidewinder at adeptech.com
> http://mail.adeptech.com/mailman/listinfo/sidewinder
>
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager at postmaster at dor.state.ma.us.
**********************************************************************
------------------------------
_______________________________________________
Sidewinder mailing list
Sidewinder at adeptech.com
http://mail.adeptech.com/mailman/listinfo/sidewinder
End of Sidewinder Digest, Vol 47, Issue 7
*****************************************
More information about the Sidewinder
mailing list