This is an interesting choice, as Microsoft could have sent the data over HTTPS via port 443
to prevent eavesdroppers from looking at the data; instead, however, they used an unencrypted HTTP connection over port 80.
Today, applications from Salesforce.com, SharePoint to Farmville all run over TCP port 80 as well as encrypted SSL (TCP port 443
To successfully defend against such sophistication of attacks, CIOs and CSOs should ensure that they plug the loop holes in their current systems - ensure their systems accept only accept valid HTTP/S requests on port 80 and port 443
and doing this will ensure network layer attacks such as TCP SYN floods, UDP floods, and other network packet based attacks are deflected.
Security is further enhanced since we use a secure version of http called https on port 443
For example, this study ignored the identification of Port 80 and Port 443
because P2P applications also communicate through these two ports.
The same company offers LogMeIn tools for remote control which functions on the principle of tunnelling control protocol through HTTPS and standard port 443
and it is available to almost all networks which enable web access.
Additionally, NYU-Poly was able to solve a future project requirement for opening and maintaining a number of holes in the firewall to allow students to access their personal computers in the dormitories with a simple self-registration and remote desktop access solution built in to the same platform that required no other ports to be opened besides SSL port 443
According to the company, iHEAT 8.3.7 allows users to use a Universal Print Driver for printing to local client printers; offers proxy tunneling, allowing iHEAT to transmit data through Port 443
via the HTTPS CONNECT method; supports Microsoft's Group Policy and its extensions; allows systems administrators to install the iHEAT Server on to Windows XP Service Pack 2.
This allows the use of common browsers and Web-based clients at the agent level with no fussing around with firewalls--since HTTP (port 80) and HTTPS (port 443
) don't require special programming and permissions from IT security experts.