ports behind a fire wall

Discussion in 'Mac Basics and Help' started by MacAodh, Nov 7, 2007.

  1. MacAodh macrumors regular

    Joined:
    Apr 3, 2006
    Location:
    Dublin, Eire
    #1
    Hi all,
    I've a slight problem, My college use a firewall that only allows one port (8484) and therefore allot of programs won't work such as mail (accessing gmail-imap) or ichat (googlechat) but skype and mail rss feeds work... I though authoxy would work but from what i hear that won't change port numbers, just proxy settings (which i do have but don't seam to be the problem as quicktime will work).

    Does anyone know if A. Authoxy would work or B. a method that would work?

    It drives me nuts that i can't get ichat working at least, thanks all


    P.s. - as most will note yes i am using leopard and to all who will recognize me as the one who refused to buy it due to the price... i got tempted and my dad said he would buy a family sub for us... dam him!!! (but thank you!!! so much faster :D)
     
  2. compuwar macrumors 601

    compuwar

    Joined:
    Oct 5, 2006
    Location:
    Northern/Central VA
    #2
    Purposefully bypassing a firewall is generally against acceptable usage policies and can get you suspended or even kicked out. In some cases, it can also land you in legal trouble. You should find out what the AUP is at your institution and why they're blocking whatever it is they're blocking and where from. Most security admins will be happy to explain the policies and their rationale.

    Someone's spent real money on a firewall and spends real money on administration- they didn't do it just for fun, and you should really adhere to the policies of the network owner or go out and buy your own networking, such as an EVDO card and set your own policies.
     
  3. MacAodh thread starter macrumors regular

    Joined:
    Apr 3, 2006
    Location:
    Dublin, Eire
    #3
    thank you... i guess, i'm sorry if i pissed you off but i was just asking. I'm sure they have great reasons but to be very honest with you i'm not going to 'hack' it or anything simply because i have no idea how!!! I was asking how to get ichat working, if that's so annoying to you please don't bother to reply. I don't want to here your complaining. Anyway, I have wireless broad band but i use the college network when i'm in college since it automatically logs me on to several academic sites.

    Anyway, i'm sorry for wasting your time and being so inconsiderate in hurting your feelings. You go back to your network and i'll email you a picture of me so you can paste it up on your wall of mean people :p
     
  4. mankar4 macrumors 6502a

    mankar4

    Joined:
    Aug 23, 2007
    Location:
    USA
    #4
    most firewall programs have settings which allow you to open specific ports. Can you just open the ports you need to have opened? Also, you can go to the router directly and do port forwarding to your computer, bypassing your colleague's firewall. Do you have NAT or not?
     
  5. MacAodh thread starter macrumors regular

    Joined:
    Apr 3, 2006
    Location:
    Dublin, Eire
    #5
    Ok, this is when i should say i have no idea about computers in comparison to most on this site... but what i do no is that i can only use port 8484 since i emailed IT services about using mail and they said only this port can be used therefore the program won't work. Would port forwarding work??? how do i do this??? What's NAT...

    Sorry, this was probably very unhelpfull... but thank you for your reply
     
  6. solvs macrumors 603

    solvs

    Joined:
    Jun 25, 2002
    Location:
    LaLaLand, CA
    #6
    Or they're too lazy to actually deal with their security, and just block everything. If you can talk to a real person instead of just e-mail, they might be able to help you out. But if they've installed such draconian measures, and based on my experience with some IT people who've done such things, they might not be of too much help. You may get someone useful, maybe even someone who knows Macs, but unfortunately, it isn't likely. Sorry. If you have your own router, you might be able to do some port forwarding, but I'm not sure how exactly that would help.

    I'm sorry, but this just seems like overkill from someone who doesn't know what they're doing.
     
  7. compuwar macrumors 601

    compuwar

    Joined:
    Oct 5, 2006
    Location:
    Northern/Central VA
    #7
    Blocking everything is a valid security stance, and it really doesn't matter what the motivation is- I just wanted to OP to understand that willfully bypassing a security control can be illegal (Federal Statute is something like "exceeding authority." State/Local can also apply depending on jurisdiction.) I've been doing firewalls for quite a while, and I run the Firewall-Wizards mailing list. I also do computer forensics and I've been on the prosecution side of cases where people have exceeded their authority, and it's not pretty. That's not generally where prosecutions start, but all you need is some boneheaded roomate or third party to start something and suddenly you're in the soup.

    Ask Randall Schwartz how it feels to be a convicted felon for exceeding his access under the Oregon statute, even though both he and the "victim" (Intel) agreed there was zero malice. When you use someone else's network you have an obligation to abide by their rules as well as those of the jurisdiction you're in. Just because you *can* make a tunnel through a firewall doesn't mean you *should*. FWIW, in my lay opinion the above posting serves pretty well as proof of intent to bypass a security access control device.

    I don't have a dog in this fight, I'm not "upset" or whatever, I just happen to have seen the consequences of people end-running firewalls enough to say that it's a very bad idea. I don't dispense legal advice though, so I'd recommend that the OP consult counsel licensed to practice in the jurisdiction they intend on exceeding normal access in should they not be able to convince the powers that be to allow their access through proper channels- it'd be good to be on terms with someone who can provide defense should it become necessary anyway.
     
  8. mankar4 macrumors 6502a

    mankar4

    Joined:
    Aug 23, 2007
    Location:
    USA
    #8
    Port forwarding may work. If the firewall is on your colleague's computer only, then it should work. To do port forwarding, log on to your router (just type 192.168.0.1 or 192.168.1.1 into your web browser and enter username and password) and there should be some settings to change port forwarding. Determine what ports your programs use and forward them to your IP address. You will also need to enable "static IP address" which should be somewhere in the router settings as well in order to ensure that your computer's IP address does not change. If all this seems intimidating, or if you just want someone else to take care of it, you should talk to your IT guys. Hopefully you have helpful IT guys.
     
  9. MacAodh thread starter macrumors regular

    Joined:
    Apr 3, 2006
    Location:
    Dublin, Eire
    #9
    No can do, I tried that and it's just not working. Think it might be a no show of an idea. A well, thanks anyway.

    compuwar: Thanks for the advice, i would hope that no one would go crazy for me trying to get ichat working over my college network but you never know and thanks for the heads up
     
  10. solvs macrumors 603

    solvs

    Joined:
    Jun 25, 2002
    Location:
    LaLaLand, CA

Share This Page