Re: Source Code to Filter out WindowsMessenger POP-UPS

From: James Arrow (netw0rk_at_rol.ru)
Date: 08/30/03


Date: 30 Aug 2003 00:02:09 -0700


LanTalk XP
http://www.lantalk.net

"douglas martin" <dsmrtn@pacbell.net> wrote in message news:<05b401c36e80$d65a57a0$a301280a@phx.gbl>...
> Okay, I've closed and am testing the ports you suggested
> and will see if I lose anything besides the annoying
> POPUPS. I spent probably 2-3 weeks over a very very long
> time to get the details I did get about the ports and none
> of them said anything about just 25 and 443 (or 80 if you
> chose).
>
> Yes, my Exchange server is MSDN/Dev only - which is how I
> use it. It does not act as a relay server - at least
> according to 3rd party test sites. But I review my logs
> daily - and I see people trying, and I block them as I
> find them. Course, my ISP (very big ISP) has been shut
> down several times by AOL for allowing some of their mail
> servers to act as relays.
>
> And I do understand everyone's concern about real DMZ's and
> Firewalls. To that I will just add that REAL security -
> sleep at night security - requires a real
> hardware/software/support budget - which exceeds my self
> appropriated self-education budget. But I'm an
> applications developer, not a lan, dba, or security guy.
> I know just enough to, so far, keep my system secure
> (something the company I work for has yet to do and it was
> in the top 10 nationwide for profitability last year and
> they have a huge hardware/software/support budget for
> security). There is something wrong when your
> Firewall/DMZ setup has more hardware and PC's than behind
> the firewall.
>
> So, so far, I think my little setup has been holding its
> own by comparison to the major companies I either work for
> or do business with.
>
> But I disagree that it is wrong or a bad idea to have
> source code that performs the functions I requested. As I
> stated, a 3rd party company already offers a solution as a
> black box - and if you didn't know what it did, you
> wouldn't know you got taken advantage of. If I was
> wearing my 'security guy' hat I might take your position.
> If this was my wife's LAN and I was the security guy I
> WOULD take your position. But I'm trying to wear
> my 'developer guy' hat more than my 'security guy'
> and 'lan guy' hats. And that guy wants to try and test a
> source code solution.
>
> Some day I might be looking at a job opening requesting
> experience on something like this. It is just that simple.
>
> doug
>
>
> >-----Original Message-----
> >In article <0da501c36e48$06bc99f0$a501280a@phx.gbl>,
> >says...
> >> I have searched and searched, but I probably just don't
> >> know the vocabulary for searching for code that lets me
> >> leave a port "open" like Port 80 or Port 135-139 which I
> >> have open on my little lab\lan at home.
> >>
> >> I am looking for a source code solution, not another
> >> firewall, not a 3rd party utility.
> >>
> >> I'm running Win2K server with Exchange 2000 (among
> >> others) and need the ports open for external mail.
> >
> >You DO NOT need those ports open to run Exchange 2000 server. You only
> >need to map an INBOUND port 25 to the E2K box to allow inbound email,
> >and then use OWA on the E2K box and port 443 (SSL) to get access to your
> >email from outside the LAN. So, in order to do what you want, you only
> >need to open 25 and 443 inbound to access MS Exchange from outside your
> >lan. If you don't want to use SSL (and god knows why anyone would not
> >want to, it's sooo easy to set up for OWA) you could map port 80 inbound
> >to the E2K server.
> >
> >Opening the other ports just means you are a LARGE TARGET.
> >
> >One other thing, unless you have a fixed IP and keep the server blocked
> >from open relay, you will be black listed and most ISP's will block any
> >mail you send from your E2K box using RBL lists.
> >
> >[snip]
> >
> >> I have a LinkSys Firewall, but it doesn't offer granular
> >> filtering - port is open port is closed. Also I am
> >> limited to 12 ranges of Ports, no more. Given very few
> >> Ports are in sequence, so I eat 1 range per port mostly.
> >> They go quick.
> >
> >Again, with the Linksys, you only need to allow 25, 80, 443 inbound to
> >the E2K server in order to GET email (port 25) and to access it from
> >outside your network (80/443).
> >
> >[snip]
> >
> >> I own and can install ISA server, but jezzzz - like using
> >> a wrecking ball when you just want a hammer.
> >
> >If you are running E2K from the MSDN, then it's only a TEST/DEVELOPMENT
> >server and can not be used for Production use. You should have a
> >firewall, a true firewall, in front of the E2K server. In fact, I would
> >put it in the DMZ in your case.
> >
> >> So far everyone wants me to solve the problem with
> >> hardware or software turnkey solutions.
> >
> >That would be because we know what we are talking about and have years
> >of experience designing networks and solutions for small businesses.
> >
> >> Now add into this the root cause of my irritation being
> >> those clowns that send POP-UPs that they admit are
> >> annoying and I have to cough up $25 to have them send me a
> >> tool to disable my Messenger service....!!!!
> >
> >Since you ONLY NEED 25, 80, 443 OPEN INBOUND, your problem will go away
> >if you close 135~139 and you won't have to do anything else.
> >
> >> Why doesn't MS have a sample download for this type of
> >> code?
> >
> >Because what you are wanting is not a good idea in any manner. There are
> >already products (Firewalls) available for this. If you could take a few
> >minutes to understand why you DON'T NEED TO OPEN 135~139 INBOUND you
> >would not be asking for this.
> >
> >Mark
> >
> >--
> >--
> >spamfree999@rrohio.com
> >(Remove 999 to reply to me)
> >.
> >
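
Added example, not part of either poster's message: a small check for the inbound policy discussed in the thread (25, 80 and 443 reachable, 135-139 closed), to be run from outside the LAN against a host you administer. The function names and the placeholder address 192.0.2.10 are assumptions made for this example.

```python
import socket
import sys

# Port sets taken from the thread: what the reply says to forward inbound,
# and the range it says to close. The target host is an assumption.
ALLOWED_INBOUND = {25, 80, 443}
SHOULD_BE_CLOSED = set(range(135, 140))


def tcp_open(host, port, timeout=1.0):
    """Return True if a TCP connection to host:port is accepted."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        # Refused, filtered (timeout) or unroutable all count as not reachable.
        return False


def audit_exposure(host, allowed=ALLOWED_INBOUND, denied=SHOULD_BE_CLOSED,
                   timeout=1.0):
    """Probe the allowed and denied ports on a host you administer.

    exposed     - denied ports that accepted a connection (policy violation)
    unreachable - allowed ports that did not answer (mapping or service missing)
    ok          - True when both lists are empty
    Only TCP connects are attempted; UDP listeners are not tested.
    """
    exposed = sorted(p for p in denied if tcp_open(host, p, timeout))
    unreachable = sorted(p for p in allowed if not tcp_open(host, p, timeout))
    return {"exposed": exposed, "unreachable": unreachable,
            "ok": not exposed and not unreachable}


if __name__ == "__main__":
    # 192.0.2.10 is a documentation address standing in for your external IP.
    target = sys.argv[1] if len(sys.argv) > 1 else "192.0.2.10"
    report = audit_exposure(target)
    print("host:", target)
    print("ports that should be closed but answered:", report["exposed"])
    print("ports that should be open but did not answer:", report["unreachable"])
    sys.exit(0 if report["ok"] else 1)
```

If SSL-only OWA is used as the reply recommends, pass allowed={25, 443} and add 80 to the denied set.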