Hi Ripunjay,
You need to block incoming/outgoing port 1214 tcp/udp
- Mayank
----- Original Message ----- From: "Ripunjay Bararia (ILUG-MUM)" ilug-mum@ddcpl.com To: linuxers@mm.ilug-bom.org.in Sent: Wednesday, December 25, 2002 11:52 AM Subject: RE: [ILUG-BOM] How to Stop Kazaa traffic using IPTables
- LUG meet on 12 Jan. 2003 @ VJTI
Greetings, Merry Christmas to all...
By Proxy based firewalls do you mean that the internal users on
my NATted
LAN do not have a default route to the internet and they need
to connect to
the net using only a proxy (squid etc...), well that is a bit
of a problem
as the squid is there for http only rest every one on the LAN
need to be
able to connect to the external FTP servers the upload and
MySQL servers for
updating things etc thus not a very easy thing to implement.
I have blocked kazaa.com from both the proxy and using BIND
(made a new zone
kazaa.com and put * A 127.0.0.1, record in there,
internally every one
uses the internal DNSes only.) Still users and myself are able
to use kazaa
without the users seeing the kazaa.com's homepage, which no one
every saw,
too busy to download *.* from the WEB...
I have heard on other lists that there is a way to block Kazaa
from network
using some sort of Signature filter with IPTables/Chains etc...
Any ideas will be really appreciated....
Thanks
Ripunjay Bararia
-----Original Message----- From: linuxers-admin@mm.ilug-bom.org.in [mailto:linuxers-admin@mm.ilug-bom.org.in]On Behalf Of Devdas
Bhagat
Sent: Tuesday, December 24, 2002 10:35 PM To: linuxers@mm.ilug-bom.org.in Subject: Re: [ILUG-BOM] How to Stop Kazaa traffic using
IPTables
Kazaa 2 uses dynamic high ports. Use proxy based firewalls to
block
it, no firewall rules. Oh, and have a policy banning Kazaa on
your
network, and then fire anyone who violates it.
Devdas Bhagat
-- _______________________________________________
http://mm.ilug-bom.org.in/mailman/listinfo/linuxers
-- _______________________________________________