On Wed, 9 Feb 2005, Paul Gienger wrote: > >You're confusing the sides of the firewall. > >The restrictive security policies are on the side of the clients I work > >for. THEIR firewalls are often quite restrictive. > > > > > Ok, I've almost responded at least a couple times, but this is getting > ludicrious now. If they're restrictive on their side, then how the hell > do you plan on getting out with your traffic???
Why would they restrict OUTGOING SMB/CIFS traffic? > > Besides that, I'd be really surprised if this connection would work at > all with the sheer number of different networks you'd be crossing, any > number of which are filtering for smb ported traffic. Most consumer > grade ISPs filter for all these ports, the one you run your mail server > on seems to, or at least your server is filtered. Our firewalls will > allow just about anything out, but not smb because it's just wrong. I > believe some of these ports talk back to you also, at least 445, so > you're probably not going to get back with the corresponding channel, > much like non-passive ftp. > > >The other side of the equation is my box at home, which has no such > >policy. > > > > > Who is your ISP? I'd love a no-rules account with them. > I mean they don't seem to filter things, or at least not that I've found. > >>>I even concocted a zero-install CygWin workalike and > >>>keep it on my keychain USB drive... > >>> > >>> > Do you have nmap? try and portscan your home box and see if you get the > ports... it will tell you if you're getting filtered or not. I'm > guessing this is the case > [EMAIL PROTECTED] bar]# nmap baz.fnord.net -sT Starting nmap V. 3.00 ( www.insecure.org/nmap/ ) Interesting ports on xxxxxxxxxxxxx.big-isp.net (x.y.z.a): (The 1593 ports scanned but not shown below are in state: closed) Port State Service 21/tcp open ftp 22/tcp open ssh 23/tcp filtered telnet 25/tcp open smtp 80/tcp open http 139/tcp open netbios-ssn 443/tcp open https 8080/tcp open http-proxy Nmap run completed -- 1 IP address (1 host up) scanned in 16 seconds [EMAIL PROTECTED] bar]# Does that answer your question? > -- > -- > Paul Gienger Office: 701-281-1884 > Applied Engineering Inc. > Systems Architect Fax: 701-281-1322 > URL: www.ae-solutions.com mailto: [EMAIL PROTECTED] > > > -- J. L. Blank, Systems Administrator, twu.net -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
