gwion
wild colonial boy
Premium,ExMod 2001-08
join:2000-12-28
Pittsburgh, PA
| reply to matunga
Re: [Kerio 4.x] port 44334 is OPEN: BIG SECURITY HOLE
Well, it always configured through a TCP connection, remote or local, and listened on 44334 for connections... in 2.x, remote admin could be disabled, though, and there was password protection available. A firewall can listen for remote (or loopback) administrative connections, no problem, IF that can be properly secured - but one thing that worries me is this version has no password support, does it? Does it support remote admin? If so, this is a huge hole. You can't have a wide open firewall without passwords, sitting with an open admin port waiting for connections. That's not a firewall, if that's the case, that's a toy.
--
Even when you feel like your life is fading
I know that you'll go on forever
You're that good... |
|
matunga
join:2003-07-26
| Re: [Kerio 4.x] port 44334 is OPEN: BIG SECURITY H
This is the official answer by Kerio staff I received by e-mail:
"Hello,
This port is for remote adimistration of KPF. Port is opened when password is seted.
S pozdravem
David Kral
Technical support engineer
" |
|
madirish
Premium
join:2003-08-04
Cleveland, OH
| Hi matunga,The only problem I have with their official answer is-I have the password disabled and PCFlank is still showing that port open.I think a more plausible explanation is here: »forums.kerio.com/index.php?t=msg···f726654b
Hopefully this will be fixed soon. |
|
matunga
join:2003-07-26
| said by madirish  :
Hi matunga,The only problem I have with their official answer is-I have the password disabled and PCFlank is still showing that port open.I think a more plausible explanation is here: »forums.kerio.com/index.php?t=msg···f726654b
Hopefully this will be fixed soon.
yes, it happens to me too. Port 44334 is open. |
|
