Firewalls: Re: archie and UDP

Firewalls
(March 1993)

Indexed By Thread: [Previous] [Next]

Subject:	Re: archie and UDP
From:	Amos Shapira <amoss @ cs . huji . ac . il>
Date:	Fri, 05 Mar 1993 11:06:15 +0200
To:	firewalls @ GreatCircle . COM
In-reply-to:	Your message of Wed, 3 Mar 93 19:03:45 PST . <9303040303 . AA22705 @ ICD . Teradyne . COM>

In message <9303040303 .
 AA22705 @
 ICD .
 Teradyne .
 COM> jxh @
 icd .
 teradyne .
 com (Jim
Hickstein)  write:
|My archie client seems to want me to let UDP packets to ports >1000
|through my router to/from my firewall.  Isn't this a Bad Idea?  Must I
|tell my users that they should telnet somewhere, instead?

The Archie servers listens on port 1525,  so I guess that if you just allow
this port to/from certian archie servers then you are pretty covered, though
this could still be a hole.  Also it shouldn't be a big problem to proxy this
service.

Another option,  which I'm not sure how practical it is,  is to purchase
an Archie "client server",  this is a telnet client to which you connect and
ask querys,  the "server" connects through prospero to a "real" Archie server.
You should be able to get more info from bajan @
 bunyip .
 com .
 

Hope this helps,

--Amos Shapira

CS System Group, Hebrew University, Jerusalem, Israel
amoss @
 cs .
 huji .
 ac .
 il

References:

archie and UDP
From: jxh @ ICD . Teradyne . COM (Jim Hickstein)

Indexed By Date	Previous:	Re: Appletalk through firewalls. From: johng @ weema . chi . uwa . edu . au (John Gibbins)
Indexed By Date	Next:	Re: archie and UDP From: tim @ canon . co . uk (Tim F O'Donoghue)
Indexed By Thread	Previous:	archie and UDP From: jxh @ ICD . Teradyne . COM (Jim Hickstein)
Indexed By Thread	Next:	Re: archie and UDP From: tim @ canon . co . uk (Tim F O'Donoghue)