RE:

To: debian-security@lists.debian.org
Subject: RE:
From: DEFFONTAINES Vincent <Vincent.DEFFONTAINES@coe.int>
Date: Tue, 19 Nov 2002 16:43:29 +0100
Message-id: <[🔎] 51341B7FA34CD2119FA20008C7289B1C051C1AFB@panoramix.coe.int>


> -----Original Message-----
> From: Fadel [mailto:fadel@siteplanet.com.br]
> Sent: Tuesday 19 November 2002 16:05
> To: "debian-security@lists.debian.org"@plutao.siteplanet.com.br
> Subject: 
> 
> 
> Hi there,
> 
> I got a trouble in my network while trying to block Kazaa.
> I tried to drop port 1214 with this rule:
> 
> iptables -A FORWARD --dport 1214 -j DROP
> 
> but this doesn't work. so I did sniffing to see what kind of 
> packets and
> ports kazaa uses and I saw that it searches for servers in 
> different ports.
> later, I read in various texts around the net, but all 
> recommend to block
> port 1214 and kazaa site. this probably worked in version 1.
> 
> how could I block kazaa, since I need accept connections in 
> high ports?
> 

You need not accept connections on high ports.
Use netfilter connection tracking , especially ESTABLISHED and RELATED
states.
http://www.netfilter.org has docs for that.

Reply to:

Prev by Date: Re: Bypassing proxies
Next by Date: RE: Bypassing proxies
Previous by thread: [no subject]
Next by thread: Re: [SECURITY] [DSA 187-1] New Apache packages fix several vulnerabilities
Index(es):
- Date
- Thread