Re: Allow IP ranges on a selected Port

From: Duane Arnold (notme_at_notme.com)
Date: 01/14/04


Date: Wed, 14 Jan 2004 11:49:53 GMT


"Azmodan" <Azmodan@netspace.net.au> wrote in
news:bu2rvl$cvr$1@otis.netspace.net.au:

> Hi all, just wondering if anyone knows of any Software that enables
> you to allow a list of IP addresses via a selected port(hence block
> everything else on that port)? I need to be able to add 1300 IP Ranges
> to it!
>
> Sort of like PeerGuardian but Allowing instead of blocking
>
> I don't want to add them manually in NIS2004 because it will take me
> days :(
>
> any help gr8ly appreciated..
>
> cheers Az
>
>
>

I do something like that with BlackIce Advanced FW settings.

1) rule

Name : Test
IP: all IP(s)
Ports: 1000-2000
Type: TCP
Reject

2) rule

IP: 192.168.1.100-192.168.1.155
Ports: 1000-2000
Type: TCP
Accept

You can also go to the BI firewall.ini file, which is a text file, and
create rules there as well and start doing a *copy/paste* with a text
editor.

The rules in the FW UI are placed in the Firewall.ini file and you can use
that as an example on cloning the rules for multiple IP(s).

BlackIce does have a full trial version you can play around with.

Maybe, you can do something in the area with IPsec, if using Win2k or XP. I
am just now starting to investigate the possibility of copying policies.

http://lists.gpick.com/pages/IP_Security_(IPSec).htm

Duane :)
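
An added example, not part of the original post and not BlackICE's firewall.ini syntax (which the post does not show): before cloning rules for 1300 ranges, merging the list and checking the reject-all-plus-accept-listed outcome catches typos and cuts the rule count. The `start-end` input format and all function names are assumptions; the sample list is constructed.

```python
import ipaddress
from bisect import bisect_right

# Constructed sample list; the first entry is the range from the post.
SAMPLE = """\
192.168.1.100-192.168.1.155
192.168.1.150-192.168.1.200   # overlaps the previous entry
10.0.0.0-10.0.0.255
"""

def parse_ranges(text):
    """Parse 'start-end' lines (or single addresses) into (lo, hi) integers."""
    ranges = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        start, _, end = line.partition("-")
        lo = int(ipaddress.IPv4Address(start.strip()))
        hi = int(ipaddress.IPv4Address((end or start).strip()))
        if lo > hi:
            raise ValueError(f"start is above end: {line!r}")
        ranges.append((lo, hi))
    return ranges

def merge(ranges):
    """Sort and merge overlapping or adjacent ranges."""
    merged = []
    for lo, hi in sorted(ranges):
        if merged and lo <= merged[-1][1] + 1:
            merged[-1] = (merged[-1][0], max(merged[-1][1], hi))
        else:
            merged.append((lo, hi))
    return merged

def to_cidrs(merged):
    """Express merged ranges as the smallest set of CIDR blocks."""
    return [str(net) for lo, hi in merged
            for net in ipaddress.summarize_address_range(
                ipaddress.IPv4Address(lo), ipaddress.IPv4Address(hi))]

def decide(merged, ip, port, ports=(1000, 2000)):
    """Accept listed sources on the protected ports, reject all others there."""
    if not ports[0] <= port <= ports[1]:
        return None  # outside the ports these two rules cover
    n = int(ipaddress.IPv4Address(ip))
    i = bisect_right(merged, (n, float("inf"))) - 1
    return "accept" if i >= 0 and n <= merged[i][1] else "reject"
```

Each merged range or CIDR block then maps to one Accept rule, with the single Reject rule for all other sources on the same ports.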
 


