Paul on 16 Jul 2004 21:23:02 -0000



Re: [PLUG] Lingo Report


gabriel rosenkoetter wrote:

> On Fri, Jul 16, 2004 at 03:15:36PM -0400, Eug wrote:
>
> > The biggest complaint from the author is that Vonage refuses to
> > publish their IP addresses so that people can write their firewall
> > rules to only have these ports open for packets coming from Vonage.
>
> ... which is an absurd complaint because no ports need to be opened
> for Vonage in particular and, even if they did, one could discover
> what the IP addresses it communicates with were relatively easily
> (either by sniffing traffic or simply by querying whois.arin.net).
> I made no changes to my network when I put my Vonage box inside it.


There must be some kind of keep-alive that keeps the ports open to the Vonage servers, else you wouldn't be able to receive calls.

I don't know if it was a coincidence, but things started to work after I opened a wide range of inbound ports; 10000-20000 UDP. I think it is Packet8 that says that *outbound* ports, roughly, 5000-65535 UDP need to be openable, which is automatic with a one-day firewall.

I can't show Ethereal packet captures if anyone is really interested. I see protocols such as SIP, RTP, RTCP, and ICMP being used. Most of my VoIP traffic uses UDP, but SIP used both UDP and TCP at one point.

Yeah, I have a gigantic hole in my firewall right now, and the first thing I thought of was limiting access to the relevant servers.

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
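
Added example (not part of the original thread): one way to narrow the 10000-20000 UDP opening discussed above to peers seen in a capture, keeping only sources that the adapter itself also sent traffic to. The flow format, all addresses (documentation ranges), the adapter address and the FORWARD-chain iptables gateway are assumptions; the script prints rules for review and applies nothing.

```shell
#!/bin/sh
# Added example, not from the thread. Addresses are constructed placeholders.
ATA=192.168.1.50    # assumed LAN address of the VoIP adapter

# Constructed flow summary, one packet per line: "src dst proto dport".
sample_flows() {
cat <<'EOF'
192.168.1.50 198.51.100.10 udp 5060
198.51.100.10 192.168.1.50 udp 10024
198.51.100.10 192.168.1.50 udp 10025
192.168.1.50 198.51.100.22 udp 12000
198.51.100.22 192.168.1.50 udp 12000
203.0.113.77 192.168.1.50 udp 15000
203.0.113.77 192.168.1.50 tcp 10100
EOF
}

# voip_rules ADAPTER < flows
# Prints iptables commands: replies to adapter-initiated flows first (the
# keep-alive case), then one ACCEPT per inbound UDP 10000-20000 source that
# the adapter was also seen contacting, then a DROP for the rest of the range.
voip_rules() {
    printf 'iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT\n'
    awk -v ata="$1" '
        $1 == ata { contacted[$2] = 1 }      # adapter sent to this peer
        $2 == ata && $3 == "udp" && $4 >= 10000 && $4 <= 20000 { inbound[$1] = 1 }
        END { for (ip in inbound) if (ip in contacted) print ip }
    ' | sort -u | while read -r ip; do
        printf 'iptables -A FORWARD -p udp -s %s -d %s --dport 10000:20000 -j ACCEPT\n' "$ip" "$1"
    done
    printf 'iptables -A FORWARD -p udp -d %s --dport 10000:20000 -j DROP\n' "$1"
}

sample_flows | voip_rules "$ATA"
```

In the constructed sample, 203.0.113.77 sends into the range but the adapter never contacts it, so it gets no ACCEPT rule. Confirm each surviving address against whois before applying anything.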