>
>safe,
The reason for this is that HTTP messages are self describing. But as soon as HTTP is being used as a transport (and not according to its application semantics) administrators will surely close port 80 anyway.
IOW, as long as Joe-inside-the-enterprise-developer only uses HTTP GET et al. to according to their prescribed meaning all is well but one he starts letting e.g. GET request mess with the enterprise assets in arbitrary ways there will be no other choice but closing Port 80.
Bye-bye B2B and B2C over SOAP :-)
Jan
yet it continues to be a most common path of exploitation because it
>allows arbitrary content through. Believe me, I greatly enjoy what I can do
>with my we browser to use information and services on the web. But, I don't
>find it an attractive form of "dependable" and "secure" service.
>
>Gregg Wonderly
>
>
>
>
>
>
>
>Yahoo! Groups Links
>
>
>
>
>
>
SPONSORED LINKS
| Computer software | Computer aided design software | Computer job |
| Soa | Service-oriented architecture |
YAHOO! GROUPS LINKS
- Visit your group "service-orientated-architecture" on the web.
- To unsubscribe from this group, send an email to:
[EMAIL PROTECTED]
- Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
