Re: TCP/IP filter & SMTP

From: sharky (sharky@nospam.com)
Date: 09/10/02

• Next message: Tim Greene: "Re: IIS5 and Client Certificates on Win98"
• Previous message: Martin Smith: "RE: I can't remove IIS5.0."
• In reply to: Ken Schaefer: "Re: TCP/IP filter & SMTP"
• Next in thread: Jan Sonnemans: "Re: TCP/IP filter & SMTP"
• Reply: Jan Sonnemans: "Re: TCP/IP filter & SMTP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "sharky" <sharky@nospam.com>
Date: Tue, 10 Sep 2002 07:22:20 -0700

I'll give it a shot.
Thanks Ken!

"Ken Schaefer" <kenRMV@THISadOpenStatic.com> wrote in message
news:O8ASIhKWCHA.1664@tkmsftngp09...
> I said "packet sniffer", not "port scanner" :-)
>
> Open up all the ports so that it works. Then fire up NetMon (tool that
comes
> with Windows2000) and do a packet capture. Then look at all the TCP/UDP
> packets and see where they are going/coming. Find out which port it is
that
> you need to open.
>
> NetMon can be installed from the Add/Remove programs control panel
(Windows
> Components | Network Utilities(?))
>
> Cheers
> Ken
>
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> "sharky" <sharky@nospam.com> wrote in message
> news:#h15GZKWCHA.2656@tkmsftngp10...
> > Thanks, Ken!
> >
> > I tried that using vbportscan.exe, but I got the same results when the
> > server is idle as when I sent mail from the site. It seems that the port
> > scanner is only checking listening ports, and maybe the server is
sending
> > some sort of UDP packet when I send mail (?).
> >
> > I've got TCP 53 open. This seems to be a UDP issue since this only
breaks
> > when I close UDP ports. I like Tiny, but it won't work on my particular
> > setup.
> >
> > I appreciate your input anyways.
> > - shark
> >
> >
> >
> > "Ken Schaefer" <kenRMV@THISadOpenStatic.com> wrote in message
> > news:OdSgT6JWCHA.1748@tkmsftngp09...
> > > What if you install some kind of packet sniffer and capture the
packets
> > > going back and forwards? This will tell you what port you'll need to
> > > open. -or- install a software application level firewall and see what
it
> > > pops up (TPF is a good choice: www.tinysoftware.com)
> > >
> > > Also, if you are using MS SMTP server or Exchange server, you'll need
to
> > > enable TCP 53:
> > > http://support.microsoft.com/default.aspx?scid=kb;en-us;Q263237
> > >
> > > Cheers
> > > Ken
> > >
> > > --
> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > > "sharky" <sharky@nospam.com> wrote in message
> > > news:ez3lCKHWCHA.1632@tkmsftngp11...
> > > > I have enabled TCP/IP filter on all addresses on my web server (yea
> me).
> > > >
> > > > I've got everything working except the UDP filter. I denied access
to
> > all
> > > > UDP services except 88,137,138,53,135 which allows me to browse my
> > network
> > > > connection to shares, resolve dns, and use RPC - BUT for some
reason,
> my
> > > web
> > > > server can no longer find my ISP's SMTP server to send mail from our
> asp
> > > > formmail. I get the following error:
> > > >
> > > > WSAHOST_NOT_FOUND
> > > >
> > > > That doesn't seem right because I've got SMTP (TCP) enabled on TCP,
> and
> > > DNS
> > > > (53) enabled in UDP, and I can't find any other ports that SMTP
might
> > use.
> > > >
> > > > If I enable all UDP ports, it works fine. When I deny all UDP ports
> > except
> > > > the above, it breaks, so it must be some UDP port is needed to use
> SMTP
> > > from
> > > > my web server.
> > > >
> > > > NOTE: this ONLY happens when I turn off UDP ports, and yes I have
> > enabled
> > > > SNTP ports on TCP, but that doesn't appear to be the problem because
I
> > > only
> > > > have this problem when I deny UDP ports.
> > > >
> > > > Has anybody run into this before or have some knowledge on the
subject
> > > they
> > > > can share?
> > > >
> > > > Gracias!
> > >
> > >
> > >
> >
> >
>
>

---

• Next message: Tim Greene: "Re: IIS5 and Client Certificates on Win98"
• Previous message: Martin Smith: "RE: I can't remove IIS5.0."
• In reply to: Ken Schaefer: "Re: TCP/IP filter & SMTP"
• Next in thread: Jan Sonnemans: "Re: TCP/IP filter & SMTP"
• Reply: Jan Sonnemans: "Re: TCP/IP filter & SMTP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: I am sick of windows firewall ... I use the AnalogX IPsec rules to supplement BlackIce ... need IPsec to stop outbound that BlackIce cannot do by ... attempts on the Windows networking ports even though BI ... supplemental packet filtering solution. ... (comp.security.firewalls) Re: WSAAsyncSelect stopped working ... Do you mean that just installing VS cause the error or you re-build your app ... It just seems like the event generation or winsock UDP receiving has been ... the receipt of a packet, ... No Ports and Receive ... (microsoft.public.win32.programmer.networks) Re: N00b Question ... There is a great product called packet shaper by packetteer. ... AIM, iTunes, etc... ... ports and IP's this device will detect it. ... > For MSN/yahoo chat you can block the ports in your external firewall. ... (Security-Basics) Re: WSAAsyncSelect stopped working ... the utility sends out a UDP back and waits for an ACK using ... is blocking any ports. ... the receipt of a packet, ... Netstat -a shows the UDP port on the PC side open. ... (microsoft.public.win32.programmer.networks) Re: Stateful Packet Inspection Firewall ... and inspects packet contents for legality. ... > ports but also controls which applications can access the net / listen ... Presumably SPI does not place any restrictions on client ... explicit or implicit rule within the rulebase, ... (comp.security.firewalls)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(14)