RE: Killing Napster

[Nuno Fernandes <nfernandes () book com>]

access-list 103 deny   tcp any any eq 8888
access-list 103 deny   tcp any any eq 5555
access-list 103 deny   tcp any any eq 6688
access-list 103 deny   tcp any any eq 6697
access-list 103 deny   tcp any any eq 6699
access-list 103 permit ip any any
access-list 104 deny   tcp any any eq 8888
access-list 104 deny   tcp any any eq 5555
access-list 104 deny   tcp any any eq 6688
access-list 104 deny   tcp any any eq 6697
access-list 104 deny   tcp any any eq 6699
access-list 104 permit ip any any

That is access-group in and out.
> -----Original Message-----
> From: Andrew Scoggins [SMTP:scoggins () progress com]
> Sent: Wednesday, February 16, 2000 1:39 PM
> To:   firewall-wizards () nfr net
> Subject:      Killing Napster
>
> Hello all,
>
> I am currently looking into killing the MP3 Program Napster. 
>
> A user told me that he had been using it inside the firewall to download
> files on an external Napster server. He assumed he was safe because he
> was behind the firewall, but soon discovered that other users were
> downloading from his machine. My guess is that Napster establishes a
> connection from client to server that is used for uploads AND downloads.
> So, the burning question is, has anyone blocked Napster by specifying
> the destination port (which I haven't figured out yet) going out? I am
> not running an application level firewall, so I can only do it by port.
>
> Thanks for any help. I also post other info as I find it.
>
> Andy
>
> -- 
> =-=-=-=-=-=-=-=-=-=-=-=-=-=
>   Andy Scoggins
>   Network Analyst
>   Progress Software
>   scoggins () progress com
> =-=-=-=-=-=-=-=-=-=-=-=-=-=
>
>   Information security is 
>   Y2K without the deadline.