Re: Port 119 blocked at work and I want it opened

From: Lars M. Hansen (badnews@hansenonline.net)
Date: 11/23/02 

From: Lars M. Hansen <badnews@hansenonline.net>
Date: Sat, 23 Nov 2002 13:44:56 GMT

On Sat, 23 Nov 2002 11:43:39 +0000 (UTC), Eddie Hotchkiss spoketh

>
>So my couple of questions are
>
>1. Is there any specific threat based on having port 119 opened for news
>

Not really. It's most likely a "content" and bandwidth issue. There's no
denying that there's quite a few newsgroups with sexual content that
might land the company a sexual harassment suit. Also, the bandwidth
consumed by the "hipster" in accounting downloading MP3s from
alt.binaries.sounds.mp3.rap-hiphop may not go over too well in
management, especially if you're paying for usage (rather than a flat,
monthly cost).

>
>2. Can this be restricted through the router / firewall to port 119 to
>news.microsoft.com only
>

You should be able to do this on both a firewall and a router. Firewalls
usually creates rules based on sourceIP, DestinationIP and
port/protocol. Allowing certain hosts on the LAN access to certain hosts
on the internet over port 119 should not be an issue.

A similar feature can be done on the external router, but if your
firewall is NAT'ing, it would apply to the entire LAN...

>
>3. If I have posted to the wrong forum, could you advise maybe a better one
>

This is probably the correct group. comp.dcom.sys.cisco might be able to
provide more specific help on access rules for the router (assuming your
internet router is cisco...)

>Cheers for any help, we only want to help users probs, and after the support
>site, newsgroups are the next best thing
>

Lars M. Hansen
http://www.hansenonline.net
(replace 'badnews' with 'lars' in e-mail address)

Relevant Pages

  • Re: Routers Firewall
    ... I ask him do you have a firewall and he says yes. ... I still have an IDS/firewall on all my machines behind the router. ... > to connect to a port your public IP address the router would reject the ... > An open port on the router could be connected to a service running on the ...
    (comp.security.firewalls)
  • Re: Possible Mail Relay or just new usages of returned mail by spammers
    ... If you have ANY type of firewall, be it a NAT router or true firewall ... ISA can be used in conjunction with the router/firewall, but if you do, you ... to be done twice...once in ISA, and once in the router to port forward to ...
    (microsoft.public.windows.server.sbs)
  • Re: Home firewall Hits
    ... >Port 162 with a UDP message. ... than theres nothing blocking access from the internet to your router. ... >Subject: Home firewall Hits ... >simplify the management and deployment of PGP and reduce overall PGP costs ...
    (Security-Basics)
  • Re: Routers Firewall
    ... > indicates that it has firewall technology, then the router doesn't have a ... What your router does have is NAT. ... ZA is a fine product which will protect a computer ... Port 80 is the WEB access port and port 21 is the FTP ...
    (comp.security.firewalls)
  • Re: Bypassing the firewall
    ... Firewall in the router but i think it comes with Zone Alarm. ... >> The one thing you MUST remember is that an open port is an open port no ... >> So start your game and then start TCPview to see the ports the game is ...
    (comp.security.firewalls)