Router Blocks: Incoming/Outgoing Traffic

Network traffic entering and leaving the ANU is checked against the following list:

Incoming traffic

Antispoofing and guard against being a "smurf" intermediary

• Disallow incoming packets with source IP address in the ANU networks.
• Disallow incoming packets with destination a broadcast address in the ANU networks.

Student subnets

Everything blocked, except outbound telnet and some servers.
Subnet 21: bohm, platinum, goblet allowed, rest blocked, except for telnet.

Dialin

Permit ICMP and established sessions.

Blocks on ports

Deny incoming UDP and TCP packets to the following ports (with exceptions for specific hosts):

• 42 Microsoft WINS (only TCP blocked)
• 69 tfp
• 87 ttylink
• 111 sunrpc
• 137 netbios-ns (Lanmanager)
• 138 netbios-dgm (Lanmanager)
• 139 Lanmanager (except established sessions)
• 515 lpd
• 2049 nfsd
• 31337 Backdoor Orifice

Outgoing traffic

News

Allow everyone at ANU access to clarion.carno.net.au (newshost.anu.edu.au).

Web

Force the following sites to use the webcache: ITS, RSC, ADNET. Further sites can be added at the request of their LITTS.

Student subnets

Allow outbound telnet (and inbound on subnet 21) and some servers. The rest is blocked.

Dialin

Permit ICMP and outgoing telnet. The rest is blocked.

Antispoofing

Only allow packets with source address in an ANU network to leave the ANU.