palkovic@linac.fnal.gov (John A. Palkovic) (09/13/90)
Suppose there was a workstation at an institution where the higher ups frown on malicious, harmful activities like reading USENET news :-). The fascists in the network dept would like to block NNTP from a computer which is on an LAN connected to the internet through some sort of network router/gateway (e.g. a cisco router). Is it possible to do this in software (cutting the ethernet cable is not a valid answer)? -- John Palkovic (708) 840-3527 linac!palkovic, palkovic@linac.fnal.gov University of Wisconsin-Madison, Dept. of Physics Home: johnny@linac.fnal.gov, linac!jpmac!johnny
sob@tmc.edu (Stan Barber) (09/13/90)
You can deny service by editing the nntp_access file and adding a line:
hostname no no
where hostname is the name of the host to lockout.
That will cause the NNTP server to print a access denied message
and shutdown when any users from that host try to access it.
--
Stan internet: sob@bcm.tmc.edu Director, Networking
Olan uucp: {rutgers,mailrus}!bcm!sob and Systems Support
Barber Opinions expressed are only mine. Baylor College of Medicinepalkovic@linac.fnal.gov (John A. Palkovic) (09/13/90)
In article <1917@gazette.bcm.tmc.edu> sob@tmc.edu (Stan Barber) writes: You can deny service by editing the nntp_access file and adding a line: hostname no no where hostname is the name of the host to lockout. That will cause the NNTP server to print a access denied message and shutdown when any users from that host try to access it. I have received many replies to my original post via email. Thanks to all who replied (you can stop now!). I should have been more clear. I did not mean deny client read access to an nntp server, I meant deny a news feed _to_ the server by changing the router config. In other words, can you sever a news feed with router software? One person said: >> A Cisco router can filter packets by source host, source network, >> destination host, destination network, protocol, port number. >> Reading, posting and xfering news all use the same packets. However another said: >> Arrange to have someone somewhere run an nntp transfer program that >> does everything the same but uses a different port. Hack your inetd >> to listen there instead. This would circumvent the fascists until they disovered the deception. Another way is to find someone who will let you NFS mount their news spool over the network. And of course their is UUCP (does anyone transfer news over the internet with UUCP?). -- John Palkovic (708) 840-3527 linac!palkovic, palkovic@linac.fnal.gov University of Wisconsin-Madison, Dept. of Physics Home: johnny@linac.fnal.gov, linac!jpmac!johnny