How to drop Winmx p2p

newer
RE: [suse-security] How to drop...

lab.civitanova＠unimc.it

30 Jun 2004 30 Jun '04

08:26

Hi all!!! How can I stop winmix peer to peer connections? I try in my gateway machine to write this : "iptables -A FORWARD -p tcp --syn -dport 6699 -j DROP", but it doesn't work. Winmix seem to connect anyway with a remote host at the port 6699. Anyone may help me? Thanks!!! Paolo

Show replies by date

list＠nolog.org

30 Jun 30 Jun

08:44

New subject: [suse-security] How to drop Winmx p2p

Hello, lab.civitanova@unimc.it wrote:

...

How can I stop winmix peer to peer connections? I try in my gateway machine to write this : "iptables -A FORWARD -p tcp --syn -dport 6699 -j DROP", but it doesn't work. Winmix seem to connect anyway with a remote host at the port 6699.

is there a rule above in that connecting to port 6699 is allowed? If so, try iptables -I FORWARD 1 -p tcp ... HTH GTi

Markus Gaugusch

08:46

New subject: [suse-security] How to drop Winmx p2p

On Jun 30, lab.civitanova@unimc.it wrote:

...

How can I stop winmix peer to peer connections? I try in my gateway machine to write this : "iptables -A FORWARD -p tcp --syn -dport 6699 -j DROP", but it doesn't work. Winmix seem to connect anyway with a remote host at the port 6699.

First: Better stop all traffic except for "known good" ports. There are so many was to do file sharing, that you can hardly prevent them by firewalling. Second: You probably have another rule that allows all traffic and the rule above is appended to your ruleset. Better use -I (insert) and not -A (append). Markus -- __________________ /"\ Markus Gaugusch \ / ASCII Ribbon Campaign markus(at)gaugusch.at X Against HTML Mail / \

lab.civitanova＠unimc.it

08:57

New subject: [suse-security] How to drop Winmx p2p

Scrive Markus Gaugusch :

...

On Jun 30, lab.civitanova@unimc.it wrote:

...
How can I stop winmix peer to peer connections? I try in my gateway machine to write this : "iptables -A FORWARD -p tcp --syn -dport 6699 -j DROP", but it doesn't work. Winmix seem to connect anyway with a remote host at the port 6699.

First: Better stop all traffic except for "known good" ports. There are so many was to do file sharing, that you can hardly prevent them by firewalling.

Second: You probably have another rule that allows all traffic and the rule above is appended to your ruleset. Better use -I (insert) and not -A (append).

Markus -- __________________ /"\ Markus Gaugusch \ / ASCII Ribbon Campaign markus(at)gaugusch.at X Against HTML Mail / \

-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here

Thanks everybody but nothing to do!!! Winmix connection seem to be alive anyway!!!! I try other ways Bye Bye

Anders Johansson

09:12

New subject: [suse-security] How to drop Winmx p2p

On Wednesday 30 June 2004 10.57, lab.civitanova@unimc.it wrote:

...

Thanks everybody but nothing to do!!! Winmix connection seem to be alive anyway!!!!

"alive"? Yes, since you used --syn, it won't touch existing connections. But are you seeing new connections started on port 6699 even with that rule first in the chain?

7247

Age (days ago)

7247

Last active (days ago)

List overview

Download

4 comments

4 participants

participants (4)

Anders Johansson
lab.civitanova＠unimc.it
list＠nolog.org
Markus Gaugusch