Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Blocking Kazaa

From: "Steven Alexander" <alexander.s () mccd edu>
Date: Wed, 25 Jun 2003 18:11:07 -0700
You could use an IDS such as snort to detect traffic from kazaa or other
p2p software.  This would alert you that people are using the software
but wouldn't actively prevent it.  

If you script well, you could have snort monitor just p2p traffic and
pipe the output to a script that automatically adds rules to block IP
addresses that your user's p2p software connects to.  Make sure the
snort box connects via ssh and that it does not accept incoming
connections at all.

Btw, Port 80 is used as a backup port number for kazaa.

-steven



-----Original Message-----
From: Dante Fressone [mailto:FressoneD () officenet com] 
Sent: Wednesday, June 25, 2003 11:21 AM
To: firewall-wizards () honor icsalabs com
Subject: [fw-wiz] Blocking Kazaa


Hi, I want to block kazaa from my pix fw blocking port 1214 
TCP, but it seems like it's using port 80 now,,,,and I can't 
drop that port because web wont work.....


Any ideas?


Thanks!


Dante Fressone
Networking
e-mail: fressoned () officenet com
Tel: 54-(11)-4126-2728

_______________________________________________
firewall-wizards mailing list firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: