Shai, et al
ICQ has a number of issues that impact on a decision to allow it through a
firewall.
See here for a start:
http://www.insecure.org/sploits/icq.sp00fer.html
http://www.insecure.org/sploits/icq.spoof.overflow.seq.html
You might want to reconsider your security policy.
spiff
On Wed, 27 Oct 1999, Chris Dinsmore wrote:
> Shai,
>
> ICQ is very touchy. ICQ servers are notorious for dropping connections
> constantly, and for being extremely timeout sensitive. This problem is
> magnified when using network address translation as your packets are going
> through a latency-increasing procedure, and a redirection which as you may
> know with UDP is not 100% reliable as there is no error correction. Your
> best bet in this situation is to include a SOCKS5 compliant proxy using an
> untranslated IP address in your network configuration, then configure ICQ to
> use it by selecting "I am behind a firewall or proxy" in the connection
> preferences.
>
> Christopher Dinsmore
> CCSA CCSE
> ===========================
> Netegrity Technical Support
> [EMAIL PROTECTED]
> 781-890-1700
> ===========================
> > -----Original Message-----
> > From: Shai [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, October 27, 1999 5:05 AM
> > To: [EMAIL PROTECTED]
> > Subject: ICQ problems
> >
> > Hi,
> >
> > I am using Firewall-1 with NAT and since we set it up we have ICQ problems
> > (I.e. users up and down all the time, messages not delivered\received
> > etc...).
> > I wonder what is the best way to make ICQ working, Is it safe to open port
> > 4000 TCP and UDP for ICQ?
> > Is there any safer way to do it?
> >
> > Thx,
> >
> > Shai Peri
> > ----------------------------------------
> > AGENTics Ltd.- SysAdmin.
> > Tel. 09-9548969, Ext. 209
> > ----------------------------------------
> > Email: [EMAIL PROTECTED] (I hope this isn't the domain with the ICQ)
> > ----------------------------------------
> > T-mailer: 03-6810080
> > No. 039502912
> > ----------------------------------------