[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Blocking Kazaa
Kazaa is only one of a whole culture of peer-to-peer file-sharing networks/programs: Gnutella, eDonkey, BearShare, etc ad infinitum. Assuming that your network policy prohibits such things (if you don't have a policy, what's the firewall for?), you have essentially three choices: 1. Block them by port number. This doesn't scale well, and fails completely with the ones that search for unblocked port numbers to use. (While to you, a firewall should be a "policy enforcement device", to your users and the authors of these applications, it's just an obstacle to be surmounted.) 2. Only allow (outbound, as well as inbound) the services that your policy says are allowed. You might still get a few things sneaking in through allowed service ports, but at least you won't have to add to your ruleset every time users discover a new way to violate policy. 3. Add a content-filtering solution to your border security. This is about the only way you're going to block stuff that piggy-backs on well-known service ports (80, 25, etc) in order to circumvent firewalls. David Gillett > -----Original Message----- > From: Mailing list for discussion of Firewall-1 > [mailto:[email protected]]On Behalf Of Bill > Magro > Sent: Tuesday, August 27, 2002 4:47 AM > To: [email protected] > Subject: [FW-1] Blocking Kazaa > > > How do I block Kazaa?....... And are there any other sites > like Kazaa that I should block as well? > > I found that the port is 1214 tcp/udp.. Are there any other? > > > > Thanks > Bill > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|