IDS mailing list archives

Re: blocking p2p traffic

From: Jeff Kell <jeff-kell () utc edu>
Date: Mon, 08 Mar 2004 20:42:09 -0500

InfoSec wrote:

Still surprised that no one has mentioned that Cisco users can use NBAR
(network based application recognition).  It works really well for us
and takes un-needed stress out of the IDS, yet requires very little of
the router to drop/block the p2p from getting anywhere.

Unless you have a 6500, which doesn't allow you to combine NBAR withpolicing or rate-limiting :-(


Jeff


---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security

Protect your network against hackers, viruses, spam and other risks with Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost of
ownership.

Download your free trial athttp://www.securityfocus.com/sponsor/Astaro_focus-ids_040301

---------------------------------------------------------------------------

Current thread:

Re: blocking p2p traffic, (continued)
- Re: blocking p2p traffic Petr Ruzicka (Mar 12)
- RE: blocking p2p traffic Gary Freeman (Mar 04)
  - RE: blocking p2p traffic josh (Mar 08)
- RE: blocking p2p traffic Zach Forsyth (Mar 08)
- Re: blocking p2p traffic Dean Smith (Mar 08)
- RE: blocking p2p traffic Vincent . Maes (Mar 08)
- RE: blocking p2p traffic James Williams (Mar 08)
  - Re: blocking p2p traffic Michael Stone (Mar 12)
- RE: blocking p2p traffic InfoSec (Mar 08)
  - Re: blocking p2p traffic Jens Matthes (Mar 12)
  - Re: blocking p2p traffic Jeff Kell (Mar 12)
- Re: blocking p2p traffic Brian Smith (Mar 15)