Security Basics mailing list archives
Re: Filtering new KaZaa!!!
From: Bruno Lustosa <bruno () lustosa net>
Date: Thu, 31 Oct 2002 16:05:48 -0300
Soporte [soporte () opticalip com pe] wrote:
I am trying to block KaZaa using access lists, I read many tips like blocking port 1214, block the Morpheus network, but with the latest version of KaZaa it seems that not work, why? Let me explain... I have Kazaa Media Desktop 2.0 (Built: Friday, September 20, 2002 16:14:03), a Network Protocol Analyzer (Ethereal Version 0.9.7) and a Cisco Catalyst 6509 (IOS MSFC2 Software C6MSFC2- IS-M Version 12.1 E4) (...)
Don't know if it's applicable in your network, but isn't it easier and way more secure to block everything, and then allow "legitimate" traffic (like http, ftp, etc) ? I've had an experience similar to this in the past, and the moment I bloced Morpheus, people moved to edonkey. When I blocked edonkey, people moved to iMesh. It would go like forever, because people are always making new p2p networks. So, just block everything and allow the valid traffic, and you'll have blocked every existing p2p software and future ones also (well, one might use an http gateway, but then a proxy would help you). It's always good security practice whitelisting instead of blacklisting. Just isn't applicable in every network setup (ISPs, for example). -- Bruno Lustosa, aka Lofofora | Email: bruno () lustosa net Network Administrator/Web Programmer | ICQ UIN: 1406477 Rio de Janeiro - Brazil |
Attachment:
_bin
Description:
Current thread:
- Filtering new KaZaa!!! Soporte (Oct 31)
- Re: Filtering new KaZaa!!! Bruno Lustosa (Nov 01)
- RE: Filtering new KaZaa!!! Ghaith Nasrawi (Nov 04)
- <Possible follow-ups>
- RE: Filtering new KaZaa!!! Soporte (Nov 04)