need help blocking ports on sonicwall router

From: ABS (f_at_f.com)
Date: 06/30/05 

Date: Wed, 29 Jun 2005 21:35:47 -0700

I've got a sonicwall TZ170W and need to block a bunch of ports so users on
my network can not access nntp usenet newsgroup servers over those ports. So
should I be blocking outgoing or incomming? I think outgoing, but just want
to make sure. The ports I will be blocking are-
119, 53, 23, 25, 9000, 8000, 3128, 563, 443
I know 25 is smtp for email, so outgoing would be ok to block. 23 outgoing
should be ok to block as well. 443 incomming or outgoing I'm not sure since
that's https/ssl stuff. 53 is DNS and since i am not running a dns server
I'd block incomming right? Just looking for some clarification please.
I'd also like to block domains, but don't know how since my ap[pliance
doesn't seem to do that for anything but web domains. If I could block the
nntp protocol entirely then it should work out better cus then in newsreader
apps they can try to connect over port 80 but still be blocked i have heard.
Not sure though. For nntp servers that accept connections over port 80 the
only thing i can try is to block the range of ips from that usenet server,
but how would i find their range of ips they use? newsreader.com is one as
well as a couple more servers I'm forgetting right now. So if I know the
company, how do i find the ip range they are using for their news servers so
I could just block the range?

Thanks guys.

Relevant Pages

  • Re: need help blocking ports on sonicwall router
    ... >> my network can not access nntp usenet newsgroup servers over those ports. ... >> So should I be blocking outgoing or incomming? ... > Just block port 119 as I don't think you can block NNTP by protocol. ...
    (comp.security.firewalls)
  • Re: Test Message from Australias leading ISP....
    ... but much traffic through Bigpond where I am. ... Obvious sync problems with overseas servers, ... to the actual individual) and said that the Telstra CEO's office is my ... NNTP servers so we can go back to a more reliable and efficient service. ...
    (alt.guitar)
  • Re: Visa PCI Firewall Requirements and Windows Networks
    ... GP without the risk of open ports or a DC in the DMZ. ... Outbound access should be minimized but if windows update is your ... alternative tools on trusted servers to patch your machine. ... > behind the second firewall. ...
    (Focus-Microsoft)
  • Re: HACKING SOFTWARE
    ... You know there is more to just running nmap on people's servers. ... ICMP requests and I have no open ports what so ever (not just firewalled - ... That's CIA crap!" ...
    (alt.2600)
  • Re: HACKING SOFTWARE
    ... You know there is more to just running nmap on people's servers. ... ICMP requests and I have no open ports what so ever (not just firewalled - ... the hell to compile a recent version of Nmap, so I use a real old Windows ...
    (alt.2600)