
RE: Blocking Kazaa with iptables



On 19 Nov 2002, at 9:11, Josh Rehman wrote:

> The input chain is for incoming packets. It is unlikely that Kazaa
> clients use a special port - they probably take the first one available,
> just like web clients.
> 
> If the client does essentially port scanning (to find a good server
> port), there is little you can do at the iptables level. You will have to
> examine packets to deduce kazaa-ness. I don't know of a good way to do
> this, but I'd be interested in the solution. Another novel solution
> would be to have a stateful firewall that flags IPs that are trying
> port 1214 and any ports immediately following. The worst that would
> happen there is that legitimate uses of the higher ports will be
> impossible for a single IP until Kazaa is shut down on that IP. I like
> that last solution since it doesn't require knowledge of packet
> contents! But, I wouldn't know how to implement it, and users could get
> around it by specifying a different initial port.
> 

Wouldn't it be better if you could block network activities by
process (like: block all Kazaa connections to eth0 but allow
connections to eth1, or something like that) as well as by connection
type, destination, source or whatever? Is there any way to do that?
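
The port-1214 flagging idea from the quoted message, sketched as an offline check over firewall logs. This is an added example, not part of either post; the log lines are constructed and abbreviated, and the `MIN_RUN` threshold and function names are assumptions.

```python
import re

KAZAA_PORT = 1214  # default port named in the thread
MIN_RUN = 3        # assumption: 1214 plus the next two ports flags a host

# Constructed, abbreviated lines in the style of iptables LOG output.
SAMPLE_LOG = """\
kernel: OUT=eth0 SRC=192.168.1.20 DST=203.0.113.5 PROTO=TCP SPT=40001 DPT=1214
kernel: OUT=eth0 SRC=192.168.1.20 DST=203.0.113.5 PROTO=TCP SPT=40001 DPT=1214
kernel: OUT=eth0 SRC=192.168.1.30 DST=198.51.100.7 PROTO=TCP SPT=40100 DPT=80
kernel: OUT=eth0 SRC=192.168.1.20 DST=203.0.113.5 PROTO=TCP SPT=40002 DPT=1215
kernel: OUT=eth0 SRC=192.168.1.40 DST=203.0.113.9 PROTO=TCP SPT=40200 DPT=1214
kernel: OUT=eth0 SRC=192.168.1.20 DST=198.51.100.7 PROTO=TCP SPT=40003 DPT=80
kernel: OUT=eth0 SRC=192.168.1.20 DST=203.0.113.5 PROTO=TCP SPT=40004 DPT=1216
kernel: OUT=eth0 SRC=192.168.1.50 DST=203.0.113.5 PROTO=TCP SPT=40300 DPT=1215
kernel: OUT=eth0 SRC=192.168.1.50 DST=203.0.113.5 PROTO=TCP SPT=40301 DPT=1216
kernel: OUT=eth0 SRC=192.168.1.50 DST=203.0.113.5 PROTO=TCP SPT=40302 DPT=1217
"""

LINE_RE = re.compile(r"SRC=(\S+) .*?PROTO=TCP .*?DPT=(\d+)")


def parse(log):
    """Yield (source IP, destination port) for each TCP line, in log order."""
    for line in log.splitlines():
        m = LINE_RE.search(line)
        if m:
            yield m.group(1), int(m.group(2))


def flag_sources(log, start_port=KAZAA_PORT, min_run=MIN_RUN):
    """Return {source: highest port reached} for sources that tried
    start_port and then the ports immediately following it, in order."""
    next_port = {}  # source -> next port expected in its run
    for src, dpt in parse(log):
        if dpt == start_port:
            # Retransmitted SYNs to start_port must not reset the run.
            next_port.setdefault(src, start_port + 1)
        elif next_port.get(src) == dpt:
            next_port[src] = dpt + 1
        # Any other port (e.g. 80) neither extends nor resets the run.
    return {src: nxt - 1 for src, nxt in next_port.items()
            if nxt - start_port >= min_run}


if __name__ == "__main__":
    print(flag_sources(SAMPLE_LOG))
```

Host 192.168.1.50 in the sample starts its run at 1215 and is not flagged, which is the workaround the quoted message anticipates from users who pick a different initial port.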



