Firewall Wizards mailing list archives
RE: stop microsoft p2p
From: Bruce Platt <Bruce () ei3 com>
Date: Fri, 28 Mar 2003 08:42:47 -0500
In addition to the other suggestions, here's one which will cost you a few bucks (somewhat less than $500 depending on where you buy it).

Get a Netscreen 5-XP or 5-XT and run it in transparent mode. That way it is essentially a layer 2 bridge with no IP address on either interface. You can then configure it with policies to allow or deny any specific protocol traffic across it.

One side of it would be called "V1-untrust" in Netscreen parlance, the other "V1-trust".

You could then set up policies as follows:

set policy id 5 from "V1-Untrust" to "V1-Trust" "Any" "Any" "nb stuff" Deny log
set policy id 4 from "V1-Untrust" to "V1-Trust" "Any" "Any" "TFTP" Deny log
set policy id 3 from "V1-Untrust" to "V1-Trust" "Any" "Any" "TELNET" Deny log
set policy id 1 from "V1-Untrust" to "V1-Trust" "Any" "Any" "ANY" Permit log
set policy id 0 from "V1-Trust" to "V1-Untrust" "Any" "Any" "ANY" Permit log

Policies are applied from the top down. These would stop anything on the "V1-Untrust" side from doing any Netbios stuff like file sharing, share browsing, etc. as well as tftp and telnet to the "V1-trust" side. All other traffic is allowed.

In this case the service "nb stuff" was custom defined to include the ports 137-139 tcp and udp and 445 as well.

Careful attention to which machine goes into which zone and modification/addition of above rules to suit allows this to meet your needs.

(Disclaimer: I have no financial interest in Netscreen.)

Regards
-----Original Message-----
From: Robert E. Martin [mailto:rmartin () fishburne org]
Sent: Thursday, March 27, 2003 8:42 AM
To: firewall-wizards () honor icsalabs com
Subject: [fw-wiz] stop microsoft p2p

Anyone heard of a device or gizmo that replaces a hub or switch that can stop p2p or microsoft file sharing?

Scenario: two computers on the same segment connected via a hub or switch sharing files between themselves. Does not have to be music, could be data files, photos, copyrighted data etc. Can that be stopped?

--
Robert E Martin
IT Manager
Fishburne Military School
rmartin () fishburne org
540.946.7726

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
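The top-down, first-match behaviour of the policy list in the message above can be checked offline with a small model. This is an added example, not part of the original post and not Netscreen code: it parses the five policy lines as posted and evaluates constructed flows against them. The default deny on no match, 445 covering both tcp and udp, and the function names are assumptions.

```python
import re

# Policy lines copied from the message above, in the order listed there.
POLICY_TEXT = '''
set policy id 5 from "V1-Untrust" to "V1-Trust" "Any" "Any" "nb stuff" Deny log
set policy id 4 from "V1-Untrust" to "V1-Trust" "Any" "Any" "TFTP" Deny log
set policy id 3 from "V1-Untrust" to "V1-Trust" "Any" "Any" "TELNET" Deny log
set policy id 1 from "V1-Untrust" to "V1-Trust" "Any" "Any" "ANY" Permit log
set policy id 0 from "V1-Trust" to "V1-Untrust" "Any" "Any" "ANY" Permit log
'''
# "nb stuff" follows the message (137-139 tcp/udp, plus 445); treating 445 as
# both tcp and udp is an assumption. TFTP and TELNET use their well-known ports.
SERVICES = {
    "nb stuff": {(p, n) for p in ("tcp", "udp") for n in (137, 138, 139, 445)},
    "tftp": {("udp", 69)},
    "telnet": {("tcp", 23)},
}
LINE_RE = re.compile(
    r'set policy id (\d+) from "([^"]+)" to "([^"]+)" "[^"]+" "[^"]+" "([^"]+)" (Permit|Deny)',
    re.IGNORECASE)

def parse_policies(text):
    """Return rules in listed order; position in the list, not id, sets precedence."""
    rules = []
    for line in text.strip().splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            raise ValueError(f"unparsed policy line: {line!r}")
        pid, src, dst, service, action = m.groups()
        rules.append((int(pid), src.lower(), dst.lower(), service.lower(), action.lower()))
    return rules

def evaluate(rules, src_zone, dst_zone, proto, port):
    """First matching rule wins; no match is treated as deny (assumed default)."""
    for pid, r_src, r_dst, service, action in rules:
        if (r_src, r_dst) != (src_zone.lower(), dst_zone.lower()):
            continue
        if service == "any" or (proto, port) in SERVICES[service]:
            return action, pid
    return "deny", None

RULES = parse_policies(POLICY_TEXT)

if __name__ == "__main__":
    # Constructed flows: (source zone, destination zone, protocol, destination port)
    for flow in [("V1-Untrust", "V1-Trust", "tcp", 445), ("V1-Untrust", "V1-Trust", "tcp", 80),
                 ("V1-Trust", "V1-Untrust", "tcp", 445)]:
        print(flow, "->", evaluate(RULES, *flow))
```

The third flow shows that the rules are directional: sessions opened from the V1-Trust side to port 445 on the V1-Untrust side match policy 0 and pass, so which machine sits in which zone decides what is actually blocked.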