Re: stop microsoft p2p

[Michael LaPane <mlapane () comcast net>]

Make sure you are careful with the flexresp option in snort if you go 
that route - some of the kids are gonna get smart and fool your snort 
sensor into killing connections to your router or mail server, etc. :-)

Automatic response with an IDS requires careful planning ;-)

But, it's probably your only option unless you come down with an iron 
fist and have them boot their desktops from a server image... and you 
control all of the software. Of course, things like Knoppix will help 
them get past that too. Hmm, thin client computing...

Anyway, there's a tool called ettercap that does arp poisoning (like 
dsniff) - you could try that - but that can be quite tedious.

Cheers,
-Mike

On Thursday, March 27, 2003, at 08:42 AM, Robert E. Martin wrote:

> Anyone heard of a device or gizmo that replaces a hub or switch that 
> can stop p2p or microsoft file sharing? scenario: two computers on the 
> same segment connected via a hub or switch sharing files between 
> themselves. Does not have to be music, could be data files, photos, 
> copywritten data etc.. Can that be stopped?
> --
> Robert E Martin
> IT Manager
> Fishburne Military School
> rmartin () fishburne org
> 540.946.7726
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards