Firewalling Your Network

 

Re:  If you have a firewall, and are trying to block (or allow) certain activities on your network, these are the popular applications you will have to consider (and their corresponding ports):

 

AOL INSTANT MESSENGER - Messenger service like Yahoo, ICQ. Many students have accounts on it.

Ports:

OUT    TCP     4099

IN        TCP     5190

 

Dialpad - Low cost PC to Phone connections, some free offers

Ports:

OUT    TCP     7175

IN        UDP    51200, 51201

IN        TCP     51210

IN        TCP     1584, 1585

OUT    TCP     8680, 8686

 

Hotline Server - Internet Community for web applications developers, very useful for COS students

IN        TCP     5500 - 5503

IN        UDP    5499

The TCP ports enabled are 5500 - 5503 (this is for the standard 5500 Hotline port).

If you change the default port, then you must enable the 3 ports after it (so if you choose 4000 then you must enable 4000 - 4003).

 

ICQ

In ICQ, under "Preferences & security", "Preferences" and "Connections", click on "I am behind a firewall or proxy", then click on "Firewall Settings". Then select "I don't have a SOCKS Proxy server on my firewall" or "I am using another Proxy server". Click Next. Click "Use the following TCP listen ports for incoming event" and set the TCP ports to 20000 to 20019 for the first user, 20020 to 20039 for the second user, 20040 to 20059 for the third user, etc.

Ports:

OUT    UDP    4000

IN        TCP     20000 - 20019 for one user

or

IN        TCP     20000 - 20039 for two users

or

IN        TCP     20000 - 20059 for three users, etc.

 

MIRC/IRC Chat & Direct Chat

Ports:

IN        TCP     1024 - 5000

IN        TCP     6660 - 6669

IN        UDP    113

 

MSN Messenger

IN        TCP     6891 - 6900

IN        TCP     1863

IN        UDP    1863

IN        UDP    5190

IN        UDP    6901

IN        TCP     6901

IN        TCP     5000 - 5001

IN        UDP    5055

 

Audiogalaxy Satellite [updated 12/13/00]

Ports:

IN        TCP     41000 - 50000

IN        TCP     1117 - 5190

 

GNUtella

Ports

IN        TCP     6346

IN        UDP    6346

 

Same as above

KaZaA

Ports

IN        TCP     1214

 

QuickTime 4 Client & RealAudio on Port 554 - Needed for online radio and TV. International students need it for access to information from their home countries. JMC students need it as well, for stories, sources of information and research.

OUT    TCP     554

IN        UDP    6970 - 32000

 

RealAudio on Port 7070 - Same as above

OUT    TCP     7070

IN        UDP    6970 - 7170

 

Blizzard Battlenet - Students want to play games over the internet; it does not require high traffic.

IN        TCP     4000

IN        TCP     6112

IN        UDP    6112

 

Half Life - Same as above

IN        UDP    6003

IN        UDP    7002

IN        UDP    27010

IN        UDP    27015

IN        UDP    27025

 

Need for Speed – Porsche - Same as above

IN        UDP    9442

 

Starcraft

IN        UDP    6112

 

FTP Server

IN        TCP     21

 

POP3 Mail Server

IN        TCP     110

 

SMTP Mail Server

IN        TCP     25

 

TELNET Server

IN        TCP     23

 

WEB Server

IN        TCP     80

 

Remotely AnyWhere - Access to and administration of the personal computers of the students on the university network from outside. Ex: People who live in Sofia for the weekend and need a file from their personal computer located in Skaptopara.

IN        TCP     2000

IN        TCP     799

 

Virtual Network Computing (VNC)

IN        TCP     5500

IN        TCP     5800

IN        TCP     5900

 

Windows 2000 Terminal Server

IN        TCP     3389

IN        UDP    3389

 

IMAP Server

IN        TCP     143

 

SSH Secure Connection

IN        TCP     22