Re: Blocking Kazaa

["Bruce Smith" <bruce_the_loon () worldonline co za>]

I would add my voice to Paul's, setting a proxy up would solve your problem.

We found that we successfully blocked new installations of Kazaa by blocking
TCP and UDP packets going to port 1214 and also, oddly enough, sourcing from
1214 on the inside of our network. That coupled with a blanket port 80 block
has prevented new Kazaa instances from connecting. We've been purging the
existing installations by using the PS Tools package to remotely search and
destroy the Kazaa folder.

Regards

Bruce


----- Original Message ----- 
From: "Paul Armstrong" <army () cyber com au>
To: "Dante Fressone" <FressoneD () officenet com>
Cc: <firewall-wizards () honor icsalabs com>
Sent: Thursday, June 26, 2003 7:04 AM
Subject: Re: [fw-wiz] Blocking Kazaa


> On Wed, Jun 25, 2003 at 03:20:54PM -0300, Dante Fressone wrote:
> > Hi, I want to block kazaa from my pix fw blocking port 1214 TCP, but it
> > seems like it's using port 80 now,,,,and I can't drop that port because
web
> > wont work.....
> >
> > Any ideas?
>
> Use a HTTP proxy such as Squid and only allow traffic to port 80 from the
> proxy.
>
> This has other advantages such as faster response time for cached objects,
> general filtering  (e.g. if your policy says people aren't allowed to
download
> anything with a .vbs extension) and will save you money if you pay by the
byte
> (or if you pay for pipe size and the traffic reduction means you don't
need
> such a large pipe).
>
> Paul
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards