1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Port (110) Pop3 How to protect??

Discussion in 'Virus & Other Malware Removal' started by Stav, Oct 16, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. Stav

    Stav Thread Starter

    Joined:
    Aug 6, 2003
    Messages:
    45
    I have installed on 31 machines a firewall program which has been checked the only two things it fails on are Ports 8 pinging i think and port 110 e-mail port these machine are networked over a novel network running O/s Winxp how do i make these ports stealthed ?????????????????
    Thanks Stav
     
  2. Monstrous Mi

    Monstrous Mi

    Joined:
    Jul 20, 2002
    Messages:
    623
    You could use a router or a hardware firewall.
     
  3. Stav

    Stav Thread Starter

    Joined:
    Aug 6, 2003
    Messages:
    45
    Could you give me a bit of background info on the diference between sotware firewall and hardware firewall- why can the software not protect the port 110, and a router? same question?

    A little back ground info for you
    31 Machines are networked using an Novell (network)
    internet & E-mail are collected via an ISDL line 2 one of the networked machines which has a program called floosit (i think ) running the e-mail system of which the other machine log in 2 for collection of mail, Before this is a vigour 2600 which has a firewall built into it (is this a hardware firewall)
    and does the answer lie here
    any help appreciated
    stav
     
  4. Monstrous Mi

    Monstrous Mi

    Joined:
    Jul 20, 2002
    Messages:
    623
    The term hardware firewall is a bit of a misnomer. Of course, all firewalls are actually software. The difference is that a hardware firewall resides as the gateway to a network.

    Thus, the main advantage of a hardware firewall is Network Address Translation or NAT for short. Therefore a hardware firewall is also a router. When using these, all servers and workstation in the network usually allow their IP addresses to be assigned to them by the firewall/router. Thus, the firewall/router is also a DCHP server which assigns class C private network addresses (i.e. 192.168.x.x). Now all your 31 machines will have a private address and the only Internet accessable address will the WAN address of the router. Now port 110 will be stealthed for all your network machines.

    So if you want to protect port 110 from unsolicited traffic, a router or router/firewall will do that for you.

    If you simply use a software firewall which resides on the server or workstation, then you need to close port 110 completely which means no email at all.

    Basically, if you want to use a machine for email and want to stealth port 110, you need to do NAT and that requires a router as a minimum and a hardware firewall as a better solution.
     
  5. Stav

    Stav Thread Starter

    Joined:
    Aug 6, 2003
    Messages:
    45
    The draytek decive uses like you said Nat & Dhcp server the firewall software with in this decive is set up to redirect communication to port 110 to a private ip address where the e-mail station is. Not being well up on this side of things i am confused as to how the device can be set to stealth as to protect local machines 110 ports on the network

    The Nat 1st ip address is the gateway which all networked computers pick up.
    How can i tell if the ip addresses on the local machine on the network are being given there ip from the draytek or from the server as i am unsure?

    What i am unsure about is i can not see why the ports 110 are not stealthed whem the dreytek seams set up ok (probably not)
    I set the device up and am unsure obviously about this area?????????????????????
    Any advice would be appreciated
    steven
     
  6. Monstrous Mi

    Monstrous Mi

    Joined:
    Jul 20, 2002
    Messages:
    623
    Sorry for the delay, away for the weekend.

    <b>How can i tell if the ip addresses on the local machine on the network are being given there ip from the draytek or from the server as i am unsure?</b>

    First, the workstations must have a TCP/IP setting of "Automatically obtain IP address". Second, there can be only one DCHP server on your network running at one time. I suggest that the Vigour 2600 should do this.

    Your firewall should not be setup to redirect port 110 or any other port. The way it works it that the email workstation sends data to port 110 to the outside world. The firewall keeps the connection open (it must have a firewall rule allowing port 110) until it is finished and then closes port 110.

    When something from the outside tries to probe port 110, the firewall should not respond. This is what is known as unsolicited traffic and most firewalls and routers will not respond to outside requests, only inside ones from the private network (and only on ports allowed by the firewall access rules).

    If none of this helps I suggest you contact Draytek for technical support as I would probably need the manual and be at your site to help you further.

    Further note: If you are using port redirecting you are exposing internal machines to the Internet.
     
  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Port (110) Pop3
  1. alvincc88
    Replies:
    2
    Views:
    364
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/172347

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice