Mailinglist Archive: opensuse-security (274 mails)
| < Previous | Next > |
RE: [suse-security] Blocking Kazaa and other P2P communication tools.
- From: Tommy Rönnholm <tommy.ronnholm@xxxxxxxxx>
- Date: Tue, 19 Aug 2003 16:38:41 +0200
- Message-id: <000c01c3665f$95f9fae0$0b00a8c0@se>
Use proxy server should be a good solution, but also to block
the users from install programs on the client.
Only the client admin should do the installs.
Hälsningar/Regards - Tommy Rönnholm
=======================================
Tel/phone: 070-6400232 Int: +46(70)6400232
Fax: 070-3889387 Int: +46(70)3889387
tommy.ronnholm@xxxxxxxxx http://www.elcaro.se
> -----Original Message-----
> From: Christoph Egger [mailto:"egger@egger"@mlcomputing.de]
> Sent: Tuesday, August 19, 2003 4:29 PM
> To: suse-security@xxxxxxxx
> Subject: Re: [suse-security] Blocking Kazaa and other P2P communication tools.
>
> On Tuesday, 19. August 2003 15:28, bretscher@xxxxxxx wrote:
> > On Tue, Aug 19, 2003 at 03:17:10PM +0200, Knut Erik Hauslo wrote:
> > > Use a sniffer and watch which ports are being used. I cannot tell you
> > > which ports, because the corporate firewall that I manage is not SuSEs
> > > Firewall2, but I have only defined which ports to accept outbound (SMTP,
> > > HTTP(S), etc) and Kazaa does not work here.
> >
> > The problem is that these programs can change ports. Even well known
> > ports like 80 443 25 etc may be used. I don't know if Kazaa can do this
> > but I have seen programs speaking perfect http over port 80 that are in
> > no other way related to the www.
>
> How about using proxies?
> AFAIK, proxy server can't handle anything else than what they have
> been developped for. :)
>
> Example: A firewall redirects port 80 and 443 to port 3128, where squid
> listens. I have never seen a P2P user breaking this barrier... :)
>
>
> --
> CU,
> Christoph Egger
> M&L Computing GmbH
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
the users from install programs on the client.
Only the client admin should do the installs.
Hälsningar/Regards - Tommy Rönnholm
=======================================
Tel/phone: 070-6400232 Int: +46(70)6400232
Fax: 070-3889387 Int: +46(70)3889387
tommy.ronnholm@xxxxxxxxx http://www.elcaro.se
> -----Original Message-----
> From: Christoph Egger [mailto:"egger@egger"@mlcomputing.de]
> Sent: Tuesday, August 19, 2003 4:29 PM
> To: suse-security@xxxxxxxx
> Subject: Re: [suse-security] Blocking Kazaa and other P2P communication tools.
>
> On Tuesday, 19. August 2003 15:28, bretscher@xxxxxxx wrote:
> > On Tue, Aug 19, 2003 at 03:17:10PM +0200, Knut Erik Hauslo wrote:
> > > Use a sniffer and watch which ports are being used. I cannot tell you
> > > which ports, because the corporate firewall that I manage is not SuSEs
> > > Firewall2, but I have only defined which ports to accept outbound (SMTP,
> > > HTTP(S), etc) and Kazaa does not work here.
> >
> > The problem is that these programs can change ports. Even well known
> > ports like 80 443 25 etc may be used. I don't know if Kazaa can do this
> > but I have seen programs speaking perfect http over port 80 that are in
> > no other way related to the www.
>
> How about using proxies?
> AFAIK, proxy server can't handle anything else than what they have
> been developped for. :)
>
> Example: A firewall redirects port 80 and 443 to port 3128, where squid
> listens. I have never seen a P2P user breaking this barrier... :)
>
>
> --
> CU,
> Christoph Egger
> M&L Computing GmbH
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
| < Previous | Next > |