ZA 5 and local NNTP server (cannot receive body of messages)

[ronald]

Archived from groups: comp.security.firewalls (More info?)

Hi !

I'm seeing a weird issue here.

I'm running a local NNTP (IIS newsserver) newsserver.
It's runs on port 1119 (ISP won't allow the default port 119 ;- )

Have ZA 5 Suite installed.

I can get access to my newsserver (can get grouplist / can collect headers).

But.. I cannot receive the body of the message.

I'm quite lost, because being able to get the headers, but not the body...
sounds very strange.

Disabling the ZA 5 suite solves the issue (but that's not why I installed ZA
... ;- )

Any idea?

If any additional info is needed, just let me know.

Thanks in advance!

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

"Ronald" <new@reply.only> wrote in
news:c94co7$3e$1@news3.tilbu1.nb.home.nl:

> Hi !
>
> I'm seeing a weird issue here.
>
> I'm running a local NNTP (IIS newsserver) newsserver.
> It's runs on port 1119 (ISP won't allow the default port 119 ;- )
>
> Have ZA 5 Suite installed.
>
> I can get access to my newsserver (can get grouplist / can collect
> headers).
>
> But.. I cannot receive the body of the message.
>
> I'm quite lost, because being able to get the headers, but not the
> body... sounds very strange.
>
> Disabling the ZA 5 suite solves the issue (but that's not why I
> installed ZA .. ;- )
>
> Any idea?
>
> If any additional info is needed, just let me know.
>

Do you have a machine with IIS running with a direct connect to the
Internet or is the machine part of a LAN situation behind something?

Duane

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

"Ronald" <leen@snoekonline.com> wrote in
news:c97adr$49o$1@news4.tilbu1.nb.home.nl:

> Hi Duane,
>
> My cable connection is connected to a router and I have set NAT to
> direct incoming request to port 1119 to the local machine.
> That local machine (that's running IIS/NNTP) is connected to a switch
> that is connected to the router.
>
> Given the fact that I can connect to the newsserver, this seems to be
> ok (and it was when having this running using ZA 4 Free edition
> before).
>
> Any idea now?
>
http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
http://www.microsoft.com/technet/itsolutions/network/security/ipsecld.msp
x
http://www.analogx.com/contents/articles/ipsec.htm
http://www.uksecurityonline.com/index5.php

A PFW solution has no business on a machine running IIS.

Duane

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

"Ronald" <new@reply.only> wrote in
news:c987df$qh0$1@news1.tilbu1.nb.home.nl:

> Thanks, but that doesn't bring to a solution to my problem.
>
> Any1 else?
>
> Have a nice day/weekend!
>
I think that if you took the time to look at IPsec you'll find that it
far out classes ZA in many areas when implemented behind a NAT router.

One thing that IPsec does is run transparent to any application and will
not interfere as you have indicated ZA is interfering with NNTP and
headers.

I think it would be a simple thing to implement the AnalogX Secpol setup
on the machine and go to the NNTP Server Permit rule and change the port
from 119 to 1119. and have IPsec provide better protection than a PFW
solution will ever do in the area of protecting IIS.

The protection starts with the O/S and its integrated solutions and not
some 3rd party non-integrated PFW solution trying to protect IIS and the
O/S.

Duane