RE: Blocking Music Sharing.

["Todd Mitchell - lists" <lists () ciphin com>]

It's probably easiest to create policies & procedures regarding P2P
transfer and then rather than block it and have the traffic bounce to
another port simply rate limit the traffic on a border router to
something were users won't use it because it is too slow.

Todd

--


| -----Original Message-----
| From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-
| admin () lists netsys com] On Behalf Of srenna () vdbmusic com
| Sent: Monday, September 15, 2003 2:56 PM
| To: Dimitri Limanovski; Johnson, Mark
| Cc: full-disclosure () lists netsys com
| Subject: Re: [Full-disclosure] Blocking Music Sharing.
| 
| That won't alwasy work.
| I don't know enough about the inner workings of Limewire
| and such but I know that AIM has a mechanism to go out over
| any well known port such as 53 or 21...i'm sure the makers
| of P2P have incorporated similiar features into their
| designs.
| 
| The only advice I can give is to monitor the traffic
| utilizing Snort, create AUPs for employees, and take steps
| against them if they violate it.
| 
| Someone else out there may have a better idea, but if IM
| can do it, i'm sure these programs can take any outbound
| path they want...
| 
| Scott Renna
| Symantec Managed Security Services
| 
| 
| 
| On Mon, 15 Sep 2003 13:42:03 -0400
|  "Dimitri Limanovski" <dlimanov () sct com> wrote:
| >
| > Just block ALL the traffic outbound and allow only
| > necessary ports,
| > like HTTP/S, FTP, SMTP, DNS etc. Requires more work on
| > your end
| > managing the firewall rules but a better practice and
| > protection in
| > the long run.
| >
| >
| > Dimitri
| >
| >
| >
| > |---------+-------------------------------------->
| > |         |           "Johnson, Mark"            |
| > |         |           <mjohnson () nmcr com>        |
| > |         |           Sent by:                   |
| > |         |           full-disclosure-admin@lists|
| > |         |           .netsys.com                |
| > |         |                                      |
| > |         |                                      |
| > |         |           09/15/2003 12:37 PM        |
| > |         |                                      |
| > |---------+-------------------------------------->
| >
|
> -----------------------------------------------------------------------
| ---------------------------------------|
| >   |
| >
| 
| >                                                   |
| >   |       To:       <full-disclosure () lists netsys com>
| >
|                                                           |
| >   |       cc:
| >
| 
| >                                         |
| >   |       Subject:  [Full-disclosure] Blocking Music
| > Sharing.
| >                                                    |
| >
|
> -----------------------------------------------------------------------
| ---------------------------------------|
| >
| >
| >
| > Due to the legal issues, I am trying to block access to
| > sites like
| > Kazaa and Limewire in the office.  If I am not mistaken,
| > these
| > networks can use different ports each time, so there is
| > no way to
| > block it at the firewall.  Is this right?  And if so,
| > what is the best
| > way to block access to these types of sites?
| >
| > Many thanks,
| > Mark J.
| >
| >
| >
| >
| > _______________________________________________
| > Full-Disclosure - We believe in it.
| > Charter:
| > http://lists.netsys.com/full-disclosure-charter.html
| 
| _______________________________________________
| Full-Disclosure - We believe in it.
| Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html