RE: blocking kazaa
IIRC, kazaa has various firewall-piercing options, including using the
HTTP port on either the sender or reciever's end to handle transfers.
-----Original Message-----
From: ezra daniel [mailto:ezra_daniel@hotmail.com]
Sent: Tuesday, November 19, 2002 1:12 PM
To: debian-firewall@lists.debian.org
Subject: Re: blocking kazaa
I agree,
In every firewall manual its explained that a good firewall should allow
only certain traffic and always block/drop the rest...
He seems not to be doing so.
-daniel
http://www.debian-gnu.com
>From: Henrique Pedroni Neto <henrique@ital.org.br>
>To: debian-firewall@lists.debian.org
>Subject: Re: blocking kazaa
>Date: Tue, 19 Nov 2002 15:21:56 -0200
>
>Hello,
>
>You can set the default policy to DROP,
>and later open only the ports that you need to make the conection.
>
>I do this im my box and worked fine.
>
>Regards,
>
>Henrique
>
>|Hi there,
>|
>|I got a trouble in my network while trying to block Kazaa.
>|I tried to drop port 1214 with this rule:
>|
>|iptables -A FORWARD --dport 1214 -j DROP
>|
>|but this doesn't work. so I did sniffing to see what kind of packets
and
>|ports kazaa uses and I saw that it searches for servers in different
>ports.
>|later, I read in various texts around the net, but all recommend to
block
>|port 1214 and kazaa site. this probably worked in version 1.
>|
>|how could I block kazaa, since I need accept connections in high
ports?
>|
>|sorry for the bad english.
>|
>|regards,
>|
>|phadell
>
>
>--
>Henrique Pedroni Neto
>Administrador de Rede - ITAL (http://www.ital.org.br)
>E-mail: henrique@ital.org.br
>UIN: 8146255
>Dúvidas sobre Debian? Visite o Rau-Tu: http://rautu.cipsga.org.br
>"One foot to rule them all" - GNOME
>
><< 00000000.mimetmp >>
><< attach5 >>
_________________________________________________________________
Charla con tus amigos en línea mediante MSN Messenger:
http://messenger.microsoft.com/es
--
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Reply to: