[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: News Server Access - Firewall port problem?



Rick,
   Thanks. I had tried to use the telnet idea this morning and received no
connection. I'll look at the firewall in the next day or two and let you
know what happens.

With best regards,
Mark

-----Original Message-----
From: redhat-install-list-admin redhat com
[mailto:redhat-install-list-admin redhat com]On Behalf Of Rick Stevens
Sent: Wednesday, February 27, 2002 10:14 AM
To: redhat-install-list redhat com
Subject: Re: News Server Access - Firewall port problem?


Mark W. Knecht wrote:
> Rick,
>    Thanks very much.
>
>    So that I'm armed with good info, what are the security implications
> associated with opening port 119 TCP & UDP for outgoing traffic? (I assume
I
> only open it for outgoing, correct?) None, mild, serious, severe?

NNTP is fairly innocuous.  I don't know of any common exploits.  If you
know the NNTP server you're going to go for, open the port for JUST that
server and you should be fairly safe.

>    Are there any simple ways to test the connection using something like a
> telnet session to the server and specifying port 119? Will it speak to me
in
> English like a mail server will? (I do this periodically to test a mail
> server if I'm not sure what's causing problems or want to check an email
> address someone is having trouble with.)

You can use telnet.  I think you'll get a login request, but it's been a
long time since I've used NNTP so I could be wrong.  At least you'll get
a connection of some sort.  If so, just use the telnet quit mechanism
(press ctrl-], then type "quit") to terminate the connection/

>    To the best of knowledge I have no devices on my internal network that
> would respond to port 119 if I was required to open that to make this
work,
> but not sure I know how to really check that as people come and go with
> portables all the time.

As I said, if you know the server, just open the port for that server.
I wouldn't necessarily open port 119 for just anyone.
----------------------------------------------------------------------
- Rick Stevens, SSE, VitalStream, Inc.      rstevens vitalstream com -
- 949-743-2010 (Voice)                    http://www.vitalstream.com -
-                                                                    -
-         It is better to have loved and lost.  Cheaper, too!        -
----------------------------------------------------------------------



_______________________________________________
Redhat-install-list mailing list
Redhat-install-list redhat com
https://listman.redhat.com/mailman/listinfo/redhat-install-list






[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]