RE: [suse-security] Blocking Kazaa and other P2P communication tools.
The problem is, if you are able to assing other port number to be used by kazaa, say 80 TCP, and you close 80 TCP on your firewall, then you will not be able to eihter open normal HTTP-pages nor do any Kazaa session. According to kazaa FAQ, it normally uses port 1214 TCP but it's possible to circumvent it... :-( http://doa2.host.sk/help/connection.htm -KEH -----Original Message----- From: Fred Merritt [mailto:fred@argus.pt] Sent: Tuesday, August 19, 2003 3:58 PM To: suse-security@suse.com Subject: Re: [suse-security] Blocking Kazaa and other P2P communication tools. Forgive me, if I'm being a bit stupid here, because my brain is nested six levels deep in something else right now, but is it not possible to block outgoing requests to Kazaa?? If nobody can request anything, Kazaa, is not likely to send anything back, is it? Best regards. . . Fred Knut Erik Hauslo wrote:
Hmm. If that is so, setting Kazaa to use well known ports, then that's
a problem. But my experiences are, that you can talk endlessly with users, you will always have someone ignoring what's said. Even writte policies are ignored. It's effective if you have honest users, I agree.
-KEH
-----Original Message----- From: Johannes Bretscher [mailto:bretscher@5sl.org] Sent: Tuesday, August 19, 2003 3:29 PM To: Knut Erik Hauslo Cc: suse-security@suse.com Subject: Re: [suse-security] Blocking Kazaa and other P2P communication tools.
On Tue, Aug 19, 2003 at 03:17:10PM +0200, Knut Erik Hauslo wrote:
Use a sniffer and watch which ports are being used. I cannot tell you which ports, because the corporate firewall that I manage is not SuSEs
Firewall2, but I have only defined which ports to accept outbound (SMTP, HTTP(S), etc) and Kazaa does not work here.
The problem is that these programs can change ports. Even well known ports like 80 443 25 etc may be used. I don't know if Kazaa can do this but I have seen programs speaking perfect http over port 80 that are in no other way related to the www.
Not very useful maybe, but talking with users to have them stop using Kazaa is i think more complicated.
It may be the only effective way.
-KEH
Greetings, Johannes
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
participants (1)
-
Knut Erik Hauslo