Port blocking
Ville Vainio
ville at spammers.com
Tue Jan 11 02:47:41 EST 2005
>>>>> "Steve" == Steve Holden <steve at holdenweb.com> writes:
>> >>> Usually you wouldn't run a public corba or pyro service over
>> >>> the internet. You'd use something like XMLRPC over HTTP port
>> >>> 80 partly for the precise purpose of not getting blocked by
>> >>> firewalls.
Mark> I'm not sure if we're talking at cross-purposes here, but
Mark> the application isn't intended for public consumption, but
Mark> for fee-paying clients.
>> Still, if the consumption happens over the internet there is almost
>> 100% chance of the communication being prevented by firewalls.
>> This is exactly what "web services" are for.
Steve> I teach the odd security class, and what you say is far
Steve> from true. As long as the service is located behind a
Steve> firewall which opens up the correct holes for it, it's most
Steve> unlikely that corporate firewalls would disallow client
Steve> connections to such a remote port.
Yes, but "clients" might also act as servers, e.g. when they register
a callback object and expect the "server" to invoke something later
on. This is possible (and typical) with CORBA at least. ORBs can use
the same client-initiated connection for all the traffic, but this is
probably somewhere in the gray area.
--
Ville Vainio http://tinyurl.com/2prnb
More information about the Python-list
mailing list