Re: [fw-wiz] Blocking Kazaa

From: Bruce Smith (bruce_the_loon_at_worldonline.co.za)
Date: 06/26/03

  • Next message: Ste Jones: "[fw-wiz] Distributed port scanning using OpenBSD's packet filter"
    To: "Dante Fressone" <FressoneD@officenet.com>
    Date: Thu, 26 Jun 2003 21:27:07 +0200
    
    

    I would add my voice to Paul's, setting a proxy up would solve your problem.

    We found that we successfully blocked new installations of Kazaa by blocking
    TCP and UDP packets going to port 1214 and also, oddly enough, sourcing from
    1214 on the inside of our network. That coupled with a blanket port 80 block
    has prevented new Kazaa instances from connecting. We've been purging the
    existing installations by using the PS Tools package to remotely search and
    destroy the Kazaa folder.

    Regards

    Bruce

    ----- Original Message -----
    From: "Paul Armstrong" <army@cyber.com.au>
    To: "Dante Fressone" <FressoneD@officenet.com>
    Cc: <firewall-wizards@honor.icsalabs.com>
    Sent: Thursday, June 26, 2003 7:04 AM
    Subject: Re: [fw-wiz] Blocking Kazaa

    > On Wed, Jun 25, 2003 at 03:20:54PM -0300, Dante Fressone wrote:
    > > Hi, I want to block kazaa from my pix fw blocking port 1214 TCP, but it
    > > seems like it's using port 80 now,,,,and I can't drop that port because
    web
    > > wont work.....
    > >
    > > Any ideas?
    >
    > Use a HTTP proxy such as Squid and only allow traffic to port 80 from the
    > proxy.
    >
    > This has other advantages such as faster response time for cached objects,
    > general filtering (e.g. if your policy says people aren't allowed to
    download
    > anything with a .vbs extension) and will save you money if you pay by the
    byte
    > (or if you pay for pipe size and the traffic reduction means you don't
    need
    > such a large pipe).
    >
    > Paul
    > _______________________________________________
    > firewall-wizards mailing list
    > firewall-wizards@honor.icsalabs.com
    > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Ste Jones: "[fw-wiz] Distributed port scanning using OpenBSD's packet filter"

    Relevant Pages

    • Re: Kazaa and proxies
      ... I think it's port 1214 or 1412, ... > Can you run software like Kazaa or Morpheus through a proxy? ... > use of multiple proxies - but for the web. ... Not sure what port Kazaa ...
      (comp.security.firewalls)
    • Web proxy chaining between MS Proxy 2.0 and ISA 2004
      ... We have a lot of MS Proxy 2.0 installations in our branch offices configured ... as downstream proxys connected to an array of 2 upstream servers, ... Proxy 2, at our central location. ...
      (microsoft.public.isa)