[ previous ] [ next ] [ threads ]
 From:  "Richard Parvass" <Richard dot Parvass at aaland dot co dot uk>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Feature request
 Date:  Mon, 4 Apr 2005 13:12:33 +0100
But by selecting https in the config, m0n0 doesn't listen to non-https,
so there is already no chance the admin uses unencrypted access.

Re redirecting: if an admin needs to be hand-held to this level, I don't
think it's appropriate for said admin to be in charge of a firewall! The
port and protocol used should be in the institution's
documentation/disaster recovery anyway.

My 2p.


>The idea *is* to lock it down. By redirecting explicitly
>connections on port 80 to port 443, you make it so there
>is no chance that the administrator will use the 
>unencrypted channel. Call it another layer of security.