Re: [leaf-user] Symantec

2003-01-29 Thread Erich Titl
Homer Homer Parker wrote the following at 18:04 29.01.2003: What would be the best way to handle Symantec's LiveUpdate through a Bering 1.0 firewall? Tom says using domain names is not a goot thing, and I understand the reasoning behind that. liveupdate.symantecliveupdate.com resolves to

Re: [leaf-user] Symantec

2003-01-29 Thread Tom Eastep
--On Wednesday, January 29, 2003 11:40 PM +0100 Erich Titl <[EMAIL PROTECTED]> wrote: AFAIK LiveUpdate is initiated from the station that requests it, so normally you don't need to set up anything as this is related traffic. Correct -- I have LiveUpdate running here on two systems without a

RE: [leaf-user] Symantec

2003-01-29 Thread Henning, Brian
why isn't that stopped by the firewall? -Original Message- From: Tom Eastep [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 29, 2003 4:56 PM To: [EMAIL PROTECTED] Subject: Re: [leaf-user] Symantec --On Wednesday, January 29, 2003 11:40 PM +0100 Erich Titl <[EMAIL P

Re: [leaf-user] Symantec

2003-01-29 Thread Lynn Avants
On Wednesday 29 January 2003 05:08 pm, you wrote: > why isn't that stopped by the firewall? Because your LAN machine(s) initate the connection. -- ~Lynn Avants Linux Embedded Firewall Project developer http://leaf.sourceforge.net --- This SF.N

RE: [leaf-user] Symantec

2003-01-29 Thread Tom Eastep
? -Original Message- From: Tom Eastep [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 29, 2003 4:56 PM To: [EMAIL PROTECTED] Subject: Re: [leaf-user] Symantec --On Wednesday, January 29, 2003 11:40 PM +0100 Erich Titl <[EMAIL PROTECTED]> wrote: AFAIK LiveUpdate is i

Re: [leaf-user] Symantec

2003-01-29 Thread Homer Parker
On Wed, 29 Jan 2003 14:56:01 -0800 Tom Eastep <[EMAIL PROTECTED]> wrote > > > --On Wednesday, January 29, 2003 11:40 PM +0100 Erich Titl > <[EMAIL PROTECTED]> wrote: > > > > > AFAIK LiveUpdate is initiated from the station that requests it, so > > normally you don't need to set up anything

Re: [leaf-user] Symantec

2003-01-30 Thread Erich Titl
Homer At 23:59 29.01.2003 -0600, you wrote: On Wed, 29 Jan 2003 14:56:01 -0800 Tom Eastep <[EMAIL PROTECTED]> wrote > > > --On Wednesday, January 29, 2003 11:40 PM +0100 Erich Titl > <[EMAIL PROTECTED]> wrote: > > > > > AFAIK LiveUpdate is initiated from the station that requests it, so > >

RE: [leaf-user] Symantec

2003-01-30 Thread Luis.F.Correia
-Original Message- From: Erich Titl [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 30, 2003 10:09 AM To: [EMAIL PROTECTED] Subject: Re: [leaf-user] Symantec Homer At 23:59 29.01.2003 -0600, you wrote: >On Wed, 29 Jan 2003 14:56:01 -0800 Tom Eastep <[EMAI

RE: [leaf-user] Symantec

2003-01-30 Thread Henning, Brian
is there a way to block this with the firewall.. -Original Message- From: Lynn Avants [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 29, 2003 5:18 PM To: [EMAIL PROTECTED] Subject: Re: [leaf-user] Symantec On Wednesday 29 January 2003 05:08 pm, you wrote: > why isn't that

Re: [leaf-user] Symantec

2003-01-30 Thread Homer Parker
On Thu, 30 Jan 2003 11:09:24 +0100 Erich Titl <[EMAIL PROTECTED]> wrote > > Ok... I guess I missed the point that the boxes don't have net > > > > access.. > >There are 7 systems behind the Bering box, and only 2 have net > >access... > > LiveUpdate without net access. It's k

Re: [leaf-user] Symantec

2003-01-30 Thread Brad Fritz
Homer, Jumping in kinda late here...apologies if I am missing the boat... On Thu, 30 Jan 2003 09:29:21 CST Homer Parker wrote: > On Thu, 30 Jan 2003 11:09:24 +0100 Erich Titl <[EMAIL PROTECTED]> > wrote > > > > Ok... I guess I missed the point that the boxes don't have net > > >

Re: [leaf-user] Symantec

2003-01-30 Thread Homer Parker
On Thu, 30 Jan 2003 11:23:48 -0500 "Brad Fritz" <[EMAIL PROTECTED]> wrote > > Homer, > > Jumping in kinda late here...apologies if I am missing the boat... > > On Thu, 30 Jan 2003 09:29:21 CST Homer Parker wrote: > > > On Thu, 30 Jan 2003 11:09:24 +0100 Erich Titl <[EMAIL PROTECTED]> > > w

Re: [leaf-user] Symantec

2003-01-30 Thread Ray Olszewski
Also apologize for jumping in late. Brad's comment below is the right general response for giving a host limited access to the Internet, allowing it only to use a single service, but it assumes that (a) "just the LiveUpdate port(s)" has a useful definition and (b) "the LiveUpdate servers" is a

RE: [leaf-user] Symantec

2003-01-30 Thread Luis.F.Correia
>> >>> LiveUpdate without net access. It's kind of contradictive. >> > > They are blocked at the firewall at the managements request... > But, they want to keep the virus defs on those >>machines current, > so I'm trying to find a way to handle that... Well, you can try anothe

Re: [leaf-user] Symantec

2003-01-30 Thread Brett Moss
hi, while the docs recommend against using dns names the ability is there with 1.3.9 and later, if i'm not mistaken. http://www.shorewall.net/configuration_file_basics.htm#dnsnames i'd say if it works for you use it, at least try it on a test box if possible. brett --- Homer Parker <[EMAIL PR

Re: [leaf-user] Symantec

2003-01-30 Thread Brad Fritz
On Thu, 30 Jan 2003 09:30:40 PST Ray wrote: > Brad's comment below is the right general response for giving a host > limited access to the Internet, allowing it only to use a single service, > but it assumes that (a) "just the LiveUpdate port(s)" has a useful > definition and (b) "the LiveUpda

Re: [leaf-user] Symantec

2003-01-30 Thread Matt Schalit
Brad Fritz wrote: Homer, Or use squid if the traffic is port 80. Matt --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com