Firewall Wizards mailing list archives

RE: Blocking Kazaa


From: "Jeff Falgout" <JFalgout () co jefferson co us>
Date: Fri, 27 Jun 2003 12:33:39 -0600

James Cutter <JamesCutter () thedoghousemail com> 6/25/2003 11:31:44 PM

PIX can't do this. Other Cisco gear can't as well. 
There is a Peer to Peer firewall from Akonix (http://www.akonix.com/ )
that you can use. 

Another option that you might want to try is Check Point NG (starting at
FP3), which can block peer-to-peer (including Kazaa) applications
traversing the firewall on port 80.


Original message: 


Hi, I want to block Kazaa from my PIX fw by blocking port 1214 TCP, but it
seems like it's using port 80 now, and I can't drop that port because
web won't work.


Any ideas?



I've seen posts on other mailing lists suggesting opening up port 1214,
yet throttling it down to the slowest speed possible.

The thought is that Kazaa first tries to connect on port 1214; if that
connection is refused, it jumps around and usually ends up on 80.
Yet if you allow the first connection to be successful, it won't switch
ports. As the users start to download, the connection slows to a crawl.

It may allow Kazaa to work, but it sure won't be an enjoyable product.

Haven't tried it personally though, so YMMV.

Jeff
