Mailinglist Archive: opensuse-security (274 mails)
| < Previous | Next > |
RE: [suse-security] Blocking Kazaa and other P2P communication tools.
- From: "Knut Erik Hauslo" <KNUTH@xxxxxxxxxxxx>
- Date: Tue, 19 Aug 2003 16:12:19 +0200
- Message-id: <84ECB0B9D002A54EA3E926AAA94E5808089D3E@xxxxxxxxxxxxxx>
The problem is, if you are able to assing other port number to be used
by kazaa, say 80 TCP, and you close 80 TCP on your firewall, then you
will not be able to eihter open normal HTTP-pages nor do any Kazaa
session.
According to kazaa FAQ, it normally uses port 1214 TCP but it's possible
to circumvent it... :-( http://doa2.host.sk/help/connection.htm
-KEH
-----Original Message-----
From: Fred Merritt [mailto:fred@xxxxxxxx]
Sent: Tuesday, August 19, 2003 3:58 PM
To: suse-security@xxxxxxxx
Subject: Re: [suse-security] Blocking Kazaa and other P2P communication
tools.
Forgive me, if I'm being a bit stupid here, because my brain is nested
six levels deep in something else right now, but is it not possible to
block outgoing requests to Kazaa?? If nobody can request anything,
Kazaa, is not likely to send anything back, is it?
Best regards. . . Fred
Knut Erik Hauslo wrote:
> Hmm. If that is so, setting Kazaa to use well known ports, then that's
> a problem. But my experiences are, that you can talk endlessly with
> users, you will always have someone ignoring what's said. Even writte
> policies are ignored. It's effective if you have honest users, I
> agree.
>
> -KEH
>
> -----Original Message-----
> From: Johannes Bretscher [mailto:bretscher@xxxxxxx]
> Sent: Tuesday, August 19, 2003 3:29 PM
> To: Knut Erik Hauslo
> Cc: suse-security@xxxxxxxx
> Subject: Re: [suse-security] Blocking Kazaa and other P2P
communication
> tools.
>
>
> On Tue, Aug 19, 2003 at 03:17:10PM +0200, Knut Erik Hauslo wrote:
>
>>Use a sniffer and watch which ports are being used. I cannot tell you
>>which ports, because the corporate firewall that I manage is not SuSEs
>
>
>>Firewall2, but I have only defined which ports to accept outbound
>>(SMTP, HTTP(S), etc) and Kazaa does not work here.
>
>
> The problem is that these programs can change ports. Even well known
> ports like 80 443 25 etc may be used. I don't know if Kazaa can do
> this but I have seen programs speaking perfect http over port 80 that
> are in no other way related to the www.
>
>
>>Not very useful maybe, but talking with users to have them stop using
>>Kazaa is i think more complicated.
>
>
> It may be the only effective way.
>
>
>>-KEH
>>
>
>
> Greetings,
> Johannes
>
--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here
by kazaa, say 80 TCP, and you close 80 TCP on your firewall, then you
will not be able to eihter open normal HTTP-pages nor do any Kazaa
session.
According to kazaa FAQ, it normally uses port 1214 TCP but it's possible
to circumvent it... :-( http://doa2.host.sk/help/connection.htm
-KEH
-----Original Message-----
From: Fred Merritt [mailto:fred@xxxxxxxx]
Sent: Tuesday, August 19, 2003 3:58 PM
To: suse-security@xxxxxxxx
Subject: Re: [suse-security] Blocking Kazaa and other P2P communication
tools.
Forgive me, if I'm being a bit stupid here, because my brain is nested
six levels deep in something else right now, but is it not possible to
block outgoing requests to Kazaa?? If nobody can request anything,
Kazaa, is not likely to send anything back, is it?
Best regards. . . Fred
Knut Erik Hauslo wrote:
> Hmm. If that is so, setting Kazaa to use well known ports, then that's
> a problem. But my experiences are, that you can talk endlessly with
> users, you will always have someone ignoring what's said. Even writte
> policies are ignored. It's effective if you have honest users, I
> agree.
>
> -KEH
>
> -----Original Message-----
> From: Johannes Bretscher [mailto:bretscher@xxxxxxx]
> Sent: Tuesday, August 19, 2003 3:29 PM
> To: Knut Erik Hauslo
> Cc: suse-security@xxxxxxxx
> Subject: Re: [suse-security] Blocking Kazaa and other P2P
communication
> tools.
>
>
> On Tue, Aug 19, 2003 at 03:17:10PM +0200, Knut Erik Hauslo wrote:
>
>>Use a sniffer and watch which ports are being used. I cannot tell you
>>which ports, because the corporate firewall that I manage is not SuSEs
>
>
>>Firewall2, but I have only defined which ports to accept outbound
>>(SMTP, HTTP(S), etc) and Kazaa does not work here.
>
>
> The problem is that these programs can change ports. Even well known
> ports like 80 443 25 etc may be used. I don't know if Kazaa can do
> this but I have seen programs speaking perfect http over port 80 that
> are in no other way related to the www.
>
>
>>Not very useful maybe, but talking with users to have them stop using
>>Kazaa is i think more complicated.
>
>
> It may be the only effective way.
>
>
>>-KEH
>>
>
>
> Greetings,
> Johannes
>
--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here
| < Previous | Next > |