Re: [fw-wiz] Blocking Kazaa

• Previous message: Brian Ford: "Re: [fw-wiz] PIX Failover Questions"
• In reply to: Paul Armstrong: "Re: [fw-wiz] Blocking Kazaa"
• Next in thread: Danny Salinas: "RE: [fw-wiz] Blocking Kazaa"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Dante Fressone" <FressoneD@officenet.com>
Date: Thu, 26 Jun 2003 21:27:07 +0200

I would add my voice to Paul's, setting a proxy up would solve your problem.

We found that we successfully blocked new installations of Kazaa by blocking
TCP and UDP packets going to port 1214 and also, oddly enough, sourcing from
1214 on the inside of our network. That coupled with a blanket port 80 block
has prevented new Kazaa instances from connecting. We've been purging the
existing installations by using the PS Tools package to remotely search and
destroy the Kazaa folder.

Regards

Bruce

----- Original Message -----
From: "Paul Armstrong" <army@cyber.com.au>
To: "Dante Fressone" <FressoneD@officenet.com>
Cc: <firewall-wizards@honor.icsalabs.com>
Sent: Thursday, June 26, 2003 7:04 AM
Subject: Re: [fw-wiz] Blocking Kazaa

> On Wed, Jun 25, 2003 at 03:20:54PM -0300, Dante Fressone wrote:
> > Hi, I want to block kazaa from my pix fw blocking port 1214 TCP, but it
> > seems like it's using port 80 now,,,,and I can't drop that port because
web
> > wont work.....
> >
> > Any ideas?
>
> Use a HTTP proxy such as Squid and only allow traffic to port 80 from the
> proxy.
>
> This has other advantages such as faster response time for cached objects,
> general filtering (e.g. if your policy says people aren't allowed to
download
> anything with a .vbs extension) and will save you money if you pay by the
byte
> (or if you pay for pipe size and the traffic reduction means you don't
need
> such a large pipe).
>
> Paul
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: Brian Ford: "Re: [fw-wiz] PIX Failover Questions"
• In reply to: Paul Armstrong: "Re: [fw-wiz] Blocking Kazaa"
• Next in thread: Danny Salinas: "RE: [fw-wiz] Blocking Kazaa"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Kazaa and proxies ... I think it's port 1214 or 1412, ... > Can you run software like Kazaa or Morpheus through a proxy? ... > use of multiple proxies - but for the web. ... Not sure what port Kazaa ... (comp.security.firewalls) Web proxy chaining between MS Proxy 2.0 and ISA 2004 ... We have a lot of MS Proxy 2.0 installations in our branch offices configured ... as downstream proxys connected to an array of 2 upstream servers, ... Proxy 2, at our central location. ... (microsoft.public.isa)