Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Block port 25 for training

Posted on 2008-10-08
11
Medium Priority
?
310 Views
Last Modified: 2012-05-05
I'm a trainer part time and have consistently to be patient and put up with folk claiming they're paying attention while I know they're e-mailing. I'm good at my job and give good and interesting lessons but other than taking my clothes off to illicit attention I'd like a safe way to block and unblock port 25 during class remembering that I'm sometimes at a client site.



Any suggestions would be appreciated and also help those with mild ADD learn Excel, Word etc.
0
Comment
Question by:macmic
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 2
  • +1
11 Comments
 
LVL 17

Expert Comment

by:Andres Perales
ID: 22669123
well if you are using a mobile classroom that has a closed network you can put a firewall in place between the clients network port that they give you for access and the switch where your test boxes would hook into...
0
 

Author Comment

by:macmic
ID: 22669215
No, I can't interfere with others networks too much. I'm thinking either Windows firewall or group policy. something I can quickly add and remove. Cheers though
0
 
LVL 17

Expert Comment

by:Andres Perales
ID: 22669282
Windows firewall would work as long as the user accounts the users are using do not have admin rights to the change the windows firewall, are all of these boxes windows xp or vista boxes?  If so you can consider Steadystate....
http://www.microsoft.com/windows/products/winfamily/sharedaccess/default.mspx
 
0
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

 
LVL 10

Expert Comment

by:kukno
ID: 22669409
Hi,

use WinArpSpoofer, to "announce/mask" the trainer PC/Laptop as the default gateway. Then all packtes of the clients will be routed to your PC. You can then decide what to do with them. Assuming you can run a decent firewall on your PC, you could simply drop SMTP and re-route the rest to the legitimate router.

     http://www.nextsecurity.net/software/Windows_ARP_Spoofer.html

Here is a list with some other arp poisioning tools.

http://www.l0t3k.org/security/tools/arp/

Regards
Kurt
0
 

Author Comment

by:macmic
ID: 22669975
Yeah in our own office that would be cool but I can't add software to computers at client sites. Good recommend though for future stuff
0
 

Author Comment

by:macmic
ID: 22670013
kukno - yeah but for a client site I'd be tampering on their network. I'd just like a sneaky yet acceptable block on the individual PC if you get my gist
0
 
LVL 4

Expert Comment

by:Interserv
ID: 22670249
you would want to block port 80 and 443 as well because hotmail, gmail, Outlook Web Access and many more use the web and not port 25 for email.  You could do this with a GPO by setting up a proxy or adding an ip in the proxy settings that does not exist.  Just remember if you set up a proxy using GPO, you need to manually remove the proxy settings when you stop enforcing the GPO.
0
 

Author Comment

by:macmic
ID: 22670604
Interserv: how to using GPO mate?
0
 
LVL 10

Expert Comment

by:kukno
ID: 22699745
>I'd just like a sneaky yet acceptable block on the individual PC if you get my gist

o.k., then block the ports with the IPSEC subsystem.

http://support.microsoft.com/kb/813878

HOWEVER: You must install ipseccmd.exe and possibly netdiag on the clients!

http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=7D40460C-A069-412E-A015-A2AB904B7361

Filter for port 25 should be:

IPSeccmd.exe -w REG -p "Block SMTP" -r "Block Outbound SMTP" -f 0=*:25:TCP -n BLOCK


0
 
LVL 10

Expert Comment

by:kukno
ID: 22699804
running ipseccmd.exe from a USB stick is actually not "installing" any software.
0
 
LVL 10

Accepted Solution

by:
kukno earned 1500 total points
ID: 22699808
running ipseccmd.exe from a USB stick is actually not "installing" any software.
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
In this article I discuss my selections of the Top Four free Outlook OST File Viewers available. Open, view and read even damaged OST files by using these tools. They all provide a clear preview of all data such as emails, notes, tasks, calendars, e…
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question