IDS mailing list archives
Re: blocking p2p traffic
From: Jeff Kell <jeff-kell () utc edu>
Date: Mon, 08 Mar 2004 20:42:09 -0500
InfoSec wrote:
Still surprised that no one has mentioned that Cisco users can use NBAR (network based application recognition). It works really well for us and takes un-needed stress out of the IDS, yet requires very little of the router to drop/block the p2p from getting anywhere.
Unless you have a 6500, which doesn't allow you to combine NBAR with policing or rate-limiting :-(
Jeff --------------------------------------------------------------------------- Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN, wireless security Protect your network against hackers, viruses, spam and other risks with Astaro Security Linux, the comprehensive security solution that combines six applications in one software solution for ease of use and lower total cost of ownership.Download your free trial at http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301
---------------------------------------------------------------------------
Current thread:
- Re: blocking p2p traffic, (continued)
- Re: blocking p2p traffic Petr Ruzicka (Mar 12)
- RE: blocking p2p traffic Gary Freeman (Mar 04)
- RE: blocking p2p traffic josh (Mar 08)
- RE: blocking p2p traffic Zach Forsyth (Mar 08)
- Re: blocking p2p traffic Dean Smith (Mar 08)
- RE: blocking p2p traffic Vincent . Maes (Mar 08)
- RE: blocking p2p traffic James Williams (Mar 08)
- Re: blocking p2p traffic Michael Stone (Mar 12)
- RE: blocking p2p traffic InfoSec (Mar 08)
- Re: blocking p2p traffic Jens Matthes (Mar 12)
- Re: blocking p2p traffic Jeff Kell (Mar 12)
- Re: blocking p2p traffic Brian Smith (Mar 15)