Re: need help blocking ports on sonicwall router

From: ABS (f_at_f.com)
Date: 06/30/05


Date: Wed, 29 Jun 2005 23:38:08 -0700


"Duane Arnold" <Notme@notme.com> wrote in message
news:B6Mwe.104028$_o.90020@attbi_s71...
> ABS wrote:
>
>> I've got a sonicwall TZ170W and need to block a bunch of ports so users on
>> my network can not access nntp usenet newsgroup servers over those ports.
>> So should I be blocking outgoing or incoming? I think outgoing, but just
>> want to make sure. The ports I will be blocking are-
>> 119, 53, 23, 25, 9000, 8000, 3128, 563, 443
>
> Most likely outbound will do it.
>
>> I know 25 is smtp for email, so outgoing would be ok to block. 23 outgoing
>> should be ok to block as well. 443 incoming or outgoing I'm not sure
>> since that's https/ssl stuff. 53 is DNS and since I am not running a dns
>> server I'd block incoming right?
>
> You block 53 UDP outbound and no machine behind the router will be able to
> contact the ISP's DNS server to convert URLs or domain names to IP(s) and
> won't be able to connect to a site with a browser as an example.
>
>> Just looking for some clarification
>> please. I'd also like to block domains, but don't know how since my
>> appliance doesn't seem to do that for anything but web domains. If I
>> could block the nntp protocol entirely then it should work out better cus
>> then in newsreader apps they can try to connect over port 80 but still be
>> blocked I have heard.
>
> Just block port 119 as I don't think you can block NNTP by protocol.
>
>> Not sure though. For nntp servers that accept
>> connections over port 80 the only thing I can try is to block the range of
>> ips from that usenet server, but how would I find their range of ips they
>> use? newsreader.com is one as well as a couple more servers I'm forgetting
>> right now. So if I know the company, how do I find the ip range they are
>> using for their news servers so I could just block the range?
>
> You might be able to use ARIN WhoIs to make that determination of the block
> of IP(S) being used by the ISP. I took the IP to my ISP's NG server and
> entered it and it came back with the list of IP(s).
>
> Duane :)
>
>

I guess I don't know what is what in my router. Need to figure out how to
get so any computer on my LAN and wireless LAN can not access WAN and
whatever port I say. There's so many options for the sonicwall it's
confusing. I guess I have to call them.
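
Added example, not part of the original thread: the ARIN WHOIS lookup suggested above returns `NetRange:` lines as start and end addresses, and a range that is not CIDR-aligned has to be split into several blocks before it can go into a firewall deny rule. The sample text is constructed from RFC 5737 documentation addresses, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample in the style of ARIN WHOIS output. Addresses are
# RFC 5737 documentation ranges, not a real provider's allocation.
SAMPLE_WHOIS = """\
NetRange:       198.51.100.64 - 198.51.100.255
NetName:        EXAMPLE-NEWS
OrgName:        Example News Provider

NetRange:       203.0.113.0 - 203.0.113.255
NetName:        EXAMPLE-NEWS-2
"""

NETRANGE_RE = re.compile(
    r"^NetRange:[ \t]*(\S+)[ \t]*-[ \t]*(\S+)[ \t]*$", re.MULTILINE
)


def netranges_to_cidrs(whois_text):
    """Return the minimal list of CIDR blocks covering every NetRange line."""
    blocks = []
    for first, last in NETRANGE_RE.findall(whois_text):
        start = ipaddress.ip_address(first)
        end = ipaddress.ip_address(last)
        if start.version != end.version or start > end:
            raise ValueError(f"bad NetRange: {first} - {last}")
        # A range that is not CIDR-aligned expands to several networks.
        blocks.extend(ipaddress.summarize_address_range(start, end))
    # collapse_addresses() cannot mix IPv4 and IPv6, so merge per version.
    v4 = [b for b in blocks if b.version == 4]
    v6 = [b for b in blocks if b.version == 6]
    return (list(ipaddress.collapse_addresses(v4))
            + list(ipaddress.collapse_addresses(v6)))


def is_covered(ip, blocks):
    """True if the address falls inside one of the deny blocks."""
    addr = ipaddress.ip_address(ip)
    return any(addr.version == b.version and addr in b for b in blocks)


if __name__ == "__main__":
    deny = netranges_to_cidrs(SAMPLE_WHOIS)
    for net in deny:
        print("deny outbound to", net)
    # Check a resolved news-server address against the deny list.
    print(is_covered("198.51.100.200", deny))
```

Checking each address a news hostname resolves to with `is_covered` shows whether the deny list actually covers that server before relying on it.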


