[Solved] What ports should I open on my firewall?

Started by TyC-Pros, March 21, 2007, 07:17:52 PM


TyC-Pros

I'm currently blocking all outgoing ports except those I explicitly open on my Linux box. Now, when my firewall is on, I get this:

Tysan: [23:08:04.463] NOTICE: Bot 'Tysan' has been started.
Tysan: [23:08:04.464] DEBUG: Entering disconnect()
Tysan: [23:08:04.464] DEBUG: Entering connect()
Tysan: [23:08:04.504] INFO: Trying BNLS server: bnls.valhallalegends.com
Tysan: [23:08:04.526] INFO: Resolving ip for server: useast.battle.net
Tysan: [23:08:04.553] INFO: Resolves to 12 different addresses
Tysan: [23:08:04.554] INFO: Choosing address 6 [useast.battle.net/63.240.202.138]
Tysan: [23:08:04.554] INFO: Attempting to connect
Tysan: [23:08:04.777] INFO: Connected to /63.240.202.138:6112
Tysan: [23:08:04.780] INFO: Trying BNLS server: bnls.valhallalegends.com
Tysan: [23:08:04.789] INFO: Connected to useast.battle.net:6112
Tysan: [23:08:04.789] INFO: Sending protocol byte (0x01).
Tysan: [23:08:04.790] INFO: Switching to Binary protocol.
Tysan: [23:08:04.791] INFO: Sending authorization.
Tysan: [23:08:05.151] ERROR: Connect failed: java.net.SocketException: Connection reset


Though I can connect just fine when I tell the firewall to clear (i.e. allow everything). I'm using Shoreline Firewall, and I have opened ports 6112 and 6113 (tcp and udp) for Battle.net, as well as port 9367 (tcp) for BNLS. Is there anything else I should open to correctly sign in?

Chavo

Why, may I ask, are you blocking outgoing ports?  Are you afraid one of your programs is going to attack someone else? :P

Ergot

And what about if they are sending your information out? You know, phoning home...
Quote from: Newby on February 26, 2006, 12:16:58 AM
Who gives a damn? I fuck sheep all the time.
Quote from: rabbit on December 11, 2005, 01:05:35 PM
And yes, male both ends.  There are a couple lesbians that need a two-ended dildo...My router just refuses to wear a strap-on.
(05:55:03) JoE ThE oDD: omfg good job i got a boner thinkin bout them chinese bitches
(17:54:15) Sidoh: I love cosmetology

Joe

Quote from: unTactical on March 21, 2007, 08:47:49 PM
Why, may I ask, are you blocking outgoing ports?  Are you afraid one of your programs is going to attack someone else? :P

Backdoors.

EDIT -
JavaOp doesn't do anything with UDP so those can all stay closed, and as far as I know, nothing uses :6113 either.
Quote from: Camel on June 09, 2009, 04:12:23 PM
I'd personally do as Joe suggests

Quote from: AntiVirus on October 19, 2010, 02:36:52 PM
You might be right about that, Joe.


Chavo

I don't know of any software firewall that doesn't prompt you when a local application tries to access the internet so neither of those reasons hold any merit.

TyC-Pros

It seems the solution to my problem was the order in which I configured my /etc/shorewall/rules file. For some reason it ignores ACCEPT rules after I start giving DNAT rules (if that means anything to anyone).

Quote
Why, may I ask, are you blocking outgoing ports?  Are you afraid one of your programs is going to attack someone else?

The same reason I block incoming ports: I don't want anything on that box to do anything related to the internet unless I say so. The box is connected to the internet 24/7 - it never hurts to be paranoid about security.

Quote
I don't know of any software firewall that doesn't prompt you when a local application tries to access the internet so neither of those reasons hold any merit.

Let me guess, you are a Windows user?

I use Shoreline firewall, which is a front-end to IPTables, and runs "in the background" with a text file containing rules. When something related to the internet happens, it checks those rules to see what to do, and if there are no rules for this situation, it does its default behavior: it drops the connection (you could set it to accept, but that'd defeat the purpose of the firewall).

This might be difficult to grasp, but the box I'm running my bot on doesn't have a screen, nor anything remotely resembling a graphical interface (unless you count my 1337 shell colors), so "prompting the user" is without meaning on my machine, since there's only a user logged in about 0.5% of each day.
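The fix above came down to the order of entries in the Shorewall rules file and to whether every port the bot needs actually has an ACCEPT entry. The following Python script is an added example for this thread; it is not code from the thread, from JavaOp, or from the Shorewall project. It assumes the classic five-column `/etc/shorewall/rules` layout (ACTION, SOURCE, DEST, PROTO, DPORT), a constructed sample rules file embedded in the script, and the port list the original poster opened (tcp/udp 6112 and 6113, tcp 9367) as the required egress set. It does not model Shorewall's real parser; it simply flags ACCEPT rules that follow a DNAT rule for manual review, since that is the ordering the poster found to be a problem, and lists required ports that no fw-to-net ACCEPT rule covers.

```python
"""Lint a Shorewall-style rules file for a default-deny egress host.

Added example (not Shorewall's own code). Assumes the classic column layout
ACTION SOURCE DEST PROTO DPORT and a constructed sample file below.
"""
from __future__ import annotations

from dataclasses import dataclass, field

# Constructed sample /etc/shorewall/rules: a DNAT entry sits between ACCEPT
# entries, mirroring the ordering problem described in the thread, and tcp
# 6113 is deliberately missing so the coverage check has something to report.
SAMPLE_RULES = """\
# ACTION   SOURCE   DEST             PROTO   DPORT
ACCEPT     fw       net              tcp     6112
DNAT       net      loc:192.0.2.10   tcp     80
ACCEPT     fw       net              udp     6112,6113
ACCEPT     fw       net              tcp     9367
"""

# Ports the original poster opened; Joe's reply says UDP and 6113 are unused
# by JavaOp, so trim this set to match what your client actually needs.
REQUIRED_EGRESS = {
    ("tcp", 6112), ("tcp", 6113), ("udp", 6112), ("udp", 6113), ("tcp", 9367),
}


@dataclass
class Rule:
    line_no: int
    action: str
    source: str
    dest: str
    proto: str
    dports: frozenset[int] = field(default_factory=frozenset)
    any_port: bool = False


def expand_ports(spec: str) -> tuple[frozenset[int], bool]:
    """Expand a DPORT column: '-' = any port, 'a,b' = list, 'lo:hi' = range."""
    if spec in ("-", ""):
        return frozenset(), True
    ports: set[int] = set()
    for item in spec.split(","):
        if ":" in item:
            lo, hi = (int(x) for x in item.split(":", 1))
            ports.update(range(lo, hi + 1))
        else:
            ports.add(int(item))
    return frozenset(ports), False


def parse_rules(text: str) -> list[Rule]:
    """Parse the five leading columns of every non-blank, non-comment line."""
    rules: list[Rule] = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        cols = line.split()
        cols += ["-"] * (5 - len(cols))  # pad short rules so they still parse
        action, source, dest, proto, dport = cols[:5]
        ports, any_port = expand_ports(dport)
        rules.append(Rule(line_no, action.upper(), source, dest,
                          proto.lower(), ports, any_port))
    return rules


def accepts_after_dnat(rules: list[Rule]) -> list[int]:
    """Line numbers of ACCEPT rules placed after the first DNAT rule."""
    dnat_lines = [r.line_no for r in rules if r.action == "DNAT"]
    if not dnat_lines:
        return []
    first = min(dnat_lines)
    return [r.line_no for r in rules if r.action == "ACCEPT" and r.line_no > first]


def uncovered_egress(rules: list[Rule], required, src: str = "fw",
                     dst: str = "net") -> set[tuple[str, int]]:
    """Required (proto, port) pairs with no ACCEPT src->dst rule allowing them."""
    def zone(col: str) -> str:          # 'loc:192.0.2.10' -> 'loc'
        return col.split(":", 1)[0]

    missing: set[tuple[str, int]] = set()
    for proto, port in required:
        covered = any(
            r.action == "ACCEPT" and zone(r.source) == src and zone(r.dest) == dst
            and r.proto in (proto, "all", "-")
            and (r.any_port or port in r.dports)
            for r in rules
        )
        if not covered:
            missing.add((proto, port))
    return missing


if __name__ == "__main__":
    parsed = parse_rules(SAMPLE_RULES)
    print("ACCEPT rules after first DNAT (review their order):", accepts_after_dnat(parsed))
    print("Required egress with no ACCEPT rule:", sorted(uncovered_egress(parsed, REQUIRED_EGRESS)))
```

Run it against your own rules file by replacing `SAMPLE_RULES` with the file's contents; the two printed lists are the two things worth checking before assuming the bot's network code is at fault.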

Chavo

I knew I recognized that name, that's a perfectly good reason to block outgoing ports ;)

Quote
This might be difficult to grasp, but the box I'm running my bot on doesn't have a screen, nor anything remotely resembling a graphical interface (unless you count my 1337 shell colors), so "prompting the user" is without meaning on my machine, since there's only a user logged in about 0.5% of each day.
No need to get defensive, I was responding to the other clowns that had silly reasons to be blocking outgoing ports on a non-gateway machine.

Ergot

Whatever makes you feel better :/. I was just giving an example.