Couple questions.


Is is possible to determine the IP range of a company/college/organization, and if so, how? I ask because apparently Kerio does not allow domain names as access masks.
Is there a firewall that DOES allow name usage in rules like that?

I use remote desktop a lot on a non-default port and would like to tighten Kerio's rule allowing this to specify not only the local port (say, 1234) but also the remote site's allowed address range. I've used controlled access systems that allowed matching by hostnames - so something like *.abc.edu - but am unaware as to whether any software FWs allow for this.

Seeing as how I'm behind a router, I would imagine that should do the trick, but for the sake of learning, I'm also up for learning of any alternative ways a rule could be better crafted beyond "okay, let all traffic from/to 1234 pass."

Thanks.

Outpost Pro supports domain names as well as Comodo (I guess, that Jetico & Core Force too).

I tried using domain names in CPF, but I got too small and too wide IP ranges in comparision to real IP ranges (google.com (http://img292.imageshack.us/img292/7421/capture11142006180807nq9.jpg) vs manual (http://img292.imageshack.us/img292/7933/capture11142006180811sh1.jpg)), so I set up IP ranges instead of domain name (do not know, if it is CPF's fault or their online database is outdated). So far it works fine just for me.

Interesting, thanks for the screenshots.

Which leaves me trying to figure out a way to get all the valid IP ranges for a given institution... any thoughts?

I use DNS Stuff (http://www.dnsstuff.com/) to get ranges. I just hope, that they are not going to change it too often.

Eg Yahoo connects to the IP: 216.155.193.176, I will use IPWHOIS Lookup and I will get IP range: 216.155.192.0 - 216.155.207.255. Of course, it can have more IP ranges, like Google.

Forgot all about that site, thanks for the help :)