Q: What about the security ? Does HTTPort increase the vulnerability of our network ?|
The answer is - very little.
This is how you may think of it:
If there was no HTTPort and you used your browser for surfing,
then, most probably you were able to download and run some executable
file from the Internet. Was it secure ? No, not at all. A trojan,
a bomb, or simply a virus could have been injected in your network
EVEN WITHOUT HTTPORT.
HTTPort makes it possible to open a client side of a TCP/IP connection
and provide it to any software.
CLIENT means that HTTPort may not be used for trojans like NetBus or BackOrifice,
because HTTPort can't make a "listening" server side of a TCP/IP connection,
available for connection from outside, which could possibly be exploited
by trojans. This in turn means that HTTPort may be exploited by "client type"
software only, not "server type".
ANY SOFTWARE means, that ANY OTHER software may use the same technique
that HTTPort does to perform exactly the same. Moreover, the client
side of a malicious software (we are talking of the client sides only,
remember ? :) may use plain HTTP protocol to access remote malicious
server. Need an example ? Yahoo Messenger is the one. It uses HTTP
protocol for passing custom information through the proxy. Imagine
that there were a Gotcha Messenger instead.
Therefore in my humble opinion HTTPort may not be abused as a
security hole or something.