Lame applications that use port 80 for non-web traffic

From: Shawn Barnhart <[email protected]>
Date: Thu, 3 Aug 2000 10:01:57 -0500

I've been running squid transparently for about four days now, and so
far I'm pretty happy with it. My transparency is achieved by having my
firewall's http proxy forward all requests to a squid proxy running
outside the firewall. This saves legwork configuring browsers and I can
fall back to a non-proxied config at a moment's notice.

The downside I've run into is that I've run into (AdSend, running on
Macs, and another program called StrAdegy running on PCs) that appear to
want to do some kind of communications with their remote ends on port
80. I'm pretty sure this is the result of lazy developers trying to
"save" support costs by assuming that port 80 will be open for outbound
TCP connections and utilizing that port for non-http traffic instead of
standardizing on other port numbers.

Is there any kind of workaround for this? Is it unfortunately common?
I've built firewall rules that steer specific machine's traffic through
a vanilla packet filter instead of the proxy and it seems to solve the
problem, but its kind of a kludge.
Received on Thu Aug 03 2000 - 09:05:05 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:54:42 MST