Because you are using a proxy/firewall. With the proxy/firewall you have to do
special things in order to let a
connectok leave your network. A normal firewall just filters traffic the flows through
it. The proxy has to actually
manipulate ANY packets that are destined for outside destinations and vice-versa.
Also, if i am understanding you correctly your are inplementing a policy of deny by
default. This will work because
only specific services are allowed through. The thread thus far has focused on an
Allow by default security policy.
Eric Anderson
ConnectOK.com
[EMAIL PROTECTED] wrote:
> Contrary to my earlier comments on this thread, I've got Napster on my
> machine on the Internal network, and I'm unable to get though via our
> proxy.
>
> Our firewall/proxy does not block any sites, yet the Firewall only allows
> certain ports through (for http, ftp etc).
>
> How come I've managed to stop Napster access if you say that Napster will
> find a way?
>
> Griff
>
>
> "Brian C. Kovatch"
> <[EMAIL PROTECTED]> To: "Thomas Novin"
><[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
> Sent by: cc:
> firewalls-owner@List Subject: RE: napster
> s.GNAC.NET
>
>
> 27/04/00 03:24
> Please respond to
> vatch
>
>
>
> Port-wise your screwed. Napster will find an open port.
> Best thing to do is block to these address ranges:
>
> 208.178.163.56 mask: 255.255.255.248
> 208.178.175.128 mask: 255.255.255.248
> 208.49.239.240 mask: 255.255.255.240
> 208.49.228.0 mask: 255.255.255.0
> 208.184.216.0 mask: 255.255.255.0
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of Thomas Novin
> > Sent: Tuesday, April 25, 2000 8:50 AM
> > To: [EMAIL PROTECTED]
> > Subject: napster
> >
> >
> > Hi.
> >
> > I would like to block all users on our network to run napster.
> > How do i know
> > which ip ranges or ports i should block?
> >
> > Thomas.
> >
> >
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
> **********************************************************************
> If you are not the intended recipient of this e-mail and have received it
> in error, you are on notice that the e-mail and any attached files are
> confidential. Please notify us immediately by reply e-mail and then delete
> this message from your system. Please do not use, distribute, copy or
> take any action in reliance on it as to do so could be a breach
> of confidence. The sender does not accept any responsibility for any
> loss, disruption or damage to your data or computer system which may occur
> whilst using data contained in, or transmitted with, this e-mail. Thank
> you for your co-operation. If you need assistance, please contact
> Maritz Ltd - tel.: +44 (0)1628 486011 or e-mail: [EMAIL PROTECTED]
> **********************************************************************
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
