Hi, can anyone tell me which udp ports MSN ver 6.1 uses. I initially open 1100 & 1182 which has worked before , but for video and sound still missing them there is defiantly some thing in the range 8000-8100 and some thing around 7000 TIA Richard -- Richard Bown <richard.bown@blueyonder.co.uk>
On Mon, 2003-11-17 at 13:26, Richard Bown wrote:> Hi, can anyone tell me which udp ports MSN ver 6.1 uses. > I initially open 1100 & 1182 which has worked before , but for video and > sound still missing them > there is defiantly some thing in the range 8000-8100 and some thing > around 7000This is FAQ 3 -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
Thanks Tom On Mon, 2003-11-17 at 21:58, Tom Eastep wrote:> On Mon, 2003-11-17 at 13:26, Richard Bown wrote: > > Hi, can anyone tell me which udp ports MSN ver 6.1 uses. > > I initially open 1100 & 1182 which has worked before , but for video and > > sound still missing them > > there is defiantly some thing in the range 8000-8100 and some thing > > around 7000 > > This is FAQ 3 > > -Tom-- Richard Bown <richard.bown@blueyonder.co.uk>
Well I''m hoping that Faq 3 is the same Faq 3 as on the shorewall web site site, cos if so it definitely dos''nt answer the question I asked. to get windows messenger/msn to run I know udp ports 1100 & 1182 have to be port forwarded to the machine behind the firewall thats running that dreaded app. The video use of msn seems to be on one of the one of the ports between 8000 & 9000, port forwarding the udp ports in that range allows the video stream to work. I think the audio steam is somewhere around 700 ish But what makes it difficult is to spot the log entry when some pirrock is pinging every second spoofing the source address. At the moment every thing is logged to try and spot the failed packet. is there a way of not logging dropped ICMP packets but logging everything else. Richard On Mon, 2003-11-17 at 21:58, Tom Eastep wrote:> On Mon, 2003-11-17 at 13:26, Richard Bown wrote: > > Hi, can anyone tell me which udp ports MSN ver 6.1 uses. > > I initially open 1100 & 1182 which has worked before , but for video and > > sound still missing them > > there is defiantly some thing in the range 8000-8100 and some thing > > around 7000 > > This is FAQ 3 > > -Tom-- Richard Bown <richard.bown@blueyonder.co.uk>
On Tue, 2003-11-18 at 03:05, Richard Bown wrote:> Well I''m hoping that Faq 3 is the same Faq 3 as on the shorewall web > site site, > cos if so it definitely dos''nt answer the question I asked.That''s because the question that you asked is unanswerable. You cannot achieve full MSN IM functionality by simply opening a few ports. MSN IM is built on top of the highly dubious "UPNP" which allows applications running behind a firewall to poke holes in the firewall whenever then feel the need (how''s that for security?). So unless you run software on your firewall that implements this questionable practice, you will not be able to use all of the features of MSN IM. And if you don''t believe me, check the MSN IM firewalling documents on the Microsoft site. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
Ok Tom point noted. BinLaden your next target is in seattle What about not logging ICMP can it be done when the policy is to log ?? thanks Richard On Tue, 2003-11-18 at 16:08, Tom Eastep wrote:> On Tue, 2003-11-18 at 03:05, Richard Bown wrote: > > Well I''m hoping that Faq 3 is the same Faq 3 as on the shorewall web > > site site, > > cos if so it definitely dos''nt answer the question I asked. > > That''s because the question that you asked is unanswerable. You cannot > achieve full MSN IM functionality by simply opening a few ports. MSN IM > is built on top of the highly dubious "UPNP" which allows applications > running behind a firewall to poke holes in the firewall whenever then > feel the need (how''s that for security?). So unless you run software on > your firewall that implements this questionable practice, you will not > be able to use all of the features of MSN IM. And if you don''t believe > me, check the MSN IM firewalling documents on the Microsoft site. > > -Tom-- Richard Bown <richard.bown@blueyonder.co.uk>
> BinLaden your next target is in seattleIm sorry this is OT but I was wondering what the above line is referring too?
Ok maybe in bad taste...bill gates little building On Tue, 2003-11-18 at 20:34, Alex Martin wrote:> > BinLaden your next target is in seattle > > Im sorry this is OT but I was wondering what the above line is referring too? > _______________________________________________ > Shorewall-users mailing list > Post: Shorewall-users@lists.shorewall.net > Subscribe/Unsubscribe: https://lists.shorewall.net/mailman/listinfo/shorewall-users > Support: http://www.shorewall.net/support.htm > FAQ: http://www.shorewall.net/FAQ.htm-- Richard Bown <richard.bown@blueyonder.co.uk>