Message

From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Lohan Spies" Subject: Block Kazaa from the internal network Date: Thu, 16 Oct 2003 11:42:00 +0200 Sender: netfilter-admin@lists.netfilter.org Message-ID: Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_000F_01C393DA.82E97F40" Return-path: Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: To: netfilter@lists.netfilter.org This is a multi-part message in MIME format. ------=_NextPart_000_000F_01C393DA.82E97F40 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Hi All, How can i block ALL Kazaa connections from inside my network? Thanks, Lohan Spies Systems Administrator CSA / DBA / MCP IQ Business Group Tel: +27 12 521 7309 Fax: +27 12 541 3441 Cell: +27 83 258 2698 l.spies@petzetakis-africa.co.za CONFIDENTIALITY CAUTION: If you have received this communication in error, please note that it is intended for the addressee only, is private and confidential and dissemination or copying prohibited. Please notify us immediately by e-mail and return the original message. We cannot assure that the integrity of this communication has been maintained nor that it is free of errors, virus, interception or interference. Thank you ------=_NextPart_000_000F_01C393DA.82E97F40 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Message

Hi=20 All,

How = can i block ALL=20 Kazaa connections from inside my network?

Thanks,

Lohan Spies

Systems Administrator CSA / DBA /=20 MCP
IQ Business=20 Group
Tel: +27 = 12 521=20 7309
Fax: +27 = 12 541=20 3441
Cell: +27 = 83 258=20 2698
l.spies@petzetakis-africa= .co.za

CONFIDENTIALITY CAUTION: If you have received this communication in error, please note that it is intended for the addressee only, is private and confidential and dissemination or copying prohibited. Please notify us immediately by e-mail and return the original message. We cannot assure that the integrity of this communication has been maintained nor that it is free of errors, virus, interception or interference. Thank you ------=_NextPart_000_000F_01C393DA.82E97F40-- From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Chris Lowth" Subject: Re: Block Kazaa from the internal network Date: Thu, 16 Oct 2003 10:57:20 +0100 Sender: netfilter-admin@lists.netfilter.org Message-ID: <007a01c393cb$e4156f40$0900a8c0@lowth.com> References: Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0077_01C393D4.459CCE40" Return-path: Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: To: Lohan Spies , netfilter@lists.netfilter.org This is a multi-part message in MIME format. ------=_NextPart_000_0077_01C393D4.459CCE40 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Messagehttp://p2pwall.sourceforge.net ----- Original Message -----=20 From: Lohan Spies=20 To: netfilter@lists.netfilter.org=20 Sent: Thursday, October 16, 2003 10:42 AM Subject: Block Kazaa from the internal network Hi All, How can i block ALL Kazaa connections from inside my network? Thanks, Lohan Spies=20 Systems Administrator CSA / DBA / MCP IQ Business Group Tel: +27 12 521 7309 Fax: +27 12 541 3441 Cell: +27 83 258 2698 l.spies@petzetakis-africa.co.za=20 =20 CONFIDENTIALITY CAUTION: If you have received this communication in = error, please note that it is intended for the addressee only, is = private and confidential and dissemination or copying prohibited. Please = notify us immediately by e-mail and return the original message. We = cannot assure that the integrity of this communication has been = maintained nor that it is free of errors, virus, interception or = interference. Thank you ------=_NextPart_000_0077_01C393D4.459CCE40 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Message

http://p2pwall.sourceforge.net

----- Original Message -----

From:=20 Lohan Spies

To: netfilter@lists.netfilter.o= rg=20

Sent: Thursday, October 16, = 2003 10:42=20 AM

Subject: Block Kazaa from the = internal=20 network

Hi=20 All,

How = can i block=20 ALL Kazaa connections from inside my network?

Thanks,

Lohan Spies=20

Systems=20 Administrator CSA / DBA /=20 MCP
IQ Business Group
Tel: = +27 12 521=20 7309
Fax: = +27 12 541=20 3441
Cell: = +27 83 258=20 2698
l.spies@petzetakis-africa= .co.za=20

CONFIDENTIALITY CAUTION: If you have received = this=20 communication in error, please note that it is intended for the = addressee=20 only, is private and confidential and dissemination or copying = prohibited.=20 Please notify us immediately by e-mail and return the original = message. We=20 cannot assure that the integrity of this communication has been = maintained nor=20 that it is free of errors, virus, interception or interference. Thank = you=20 ------=_NextPart_000_0077_01C393D4.459CCE40-- From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Josh Berry" Subject: Re: Block Kazaa from the internal network Date: Thu, 16 Oct 2003 08:33:56 -0500 (CDT) Sender: netfilter-admin@lists.netfilter.org Message-ID: <30513.204.214.145.6.1066311236.squirrel@mail.linknet-solutions.com> References: <007a01c393cb$e4156f40$0900a8c0@lowth.com> Mime-Version: 1.0 Content-Transfer-Encoding: 8bit Return-path: In-Reply-To: <007a01c393cb$e4156f40$0900a8c0@lowth.com> Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: Content-Type: text/plain; charset="us-ascii" To: Chris Lowth Cc: Lohan Spies , netfilter@lists.netfilter.org You could use a combination of Snort-Inline: http://sourceforge.net/projects/snort-inline/ and the rules that Snort has for Kazaa and other P2P stuff. And you could also use P2Pwall which is a P2P blocking module for IPTables: http://www.lowth.com/p2pwall/ > Messagehttp://p2pwall.sourceforge.net > ----- Original Message ----- > From: Lohan Spies > To: netfilter@lists.netfilter.org > Sent: Thursday, October 16, 2003 10:42 AM > Subject: Block Kazaa from the internal network > > > Hi All, > > How can i block ALL Kazaa connections from inside my network? > > Thanks, > > Lohan Spies > Systems Administrator CSA / DBA / MCP > IQ Business Group > Tel: +27 12 521 7309 > Fax: +27 12 541 3441 > Cell: +27 83 258 2698 > l.spies@petzetakis-africa.co.za > > > > > > CONFIDENTIALITY CAUTION: If you have received this communication in > error, please note that it is intended for the addressee only, is > private and confidential and dissemination or copying prohibited. Please > notify us immediately by e-mail and return the original message. We > cannot assure that the integrity of this communication has been > maintained nor that it is free of errors, virus, interception or > interference. Thank you Thanks, Josh Berry, CTO LinkNet-Solutions 469-831-8543 josh.berry@linknet-solutions.com From mboxrd@z Thu Jan 1 00:00:00 1970 From: Herman Subject: Re: Block Kazaa from the internal network Date: Thu, 16 Oct 2003 20:51:51 -0600 Sender: netfilter-admin@lists.netfilter.org Message-ID: <200310162051.51440.Herman@AerospaceSoftware.com> References: <007a01c393cb$e4156f40$0900a8c0@lowth.com> <30513.204.214.145.6.1066311236.squirrel@mail.linknet-solutions.com> Reply-To: Herman@AerospaceSoftware.com Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <30513.204.214.145.6.1066311236.squirrel@mail.linknet-solutions.com> Content-Disposition: inline Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: Content-Type: text/plain; charset="us-ascii" To: netfilter@lists.netfilter.org Here is something from a previous post: On Sun, 2003-10-12 at 11:35, Piotr P. wrote: > > Does any body know how to > block traffic with this word using iptables? iptables -A FORWARD -p udp -d 0/0 --dport 1024:65535 -m string --string "KaZaA" -j DROP should do the trick. HTH, C Cheers, Herman On Thursday 16 October 2003 7:33 am, Josh Berry wrote: You could use a combination of Snort-Inline: http://sourceforge.net/projects/snort-inline/ and the rules that Snort has for Kazaa and other P2P stuff. And you could also use P2Pwall which is a P2P blocking module for IPTables: http://www.lowth.com/p2pwall/ > Messagehttp://p2pwall.sourceforge.net > ----- Original Message ----- > From: Lohan Spies > To: netfilter@lists.netfilter.org > Sent: Thursday, October 16, 2003 10:42 AM > Subject: Block Kazaa from the internal network > > > Hi All, > > How can i block ALL Kazaa connections from inside my network? > > Thanks, > > Lohan Spies > Systems Administrator CSA / DBA / MCP > IQ Business Group > Tel: +27 12 521 7309 > Fax: +27 12 541 3441 > Cell: +27 83 258 2698 > l.spies@petzetakis-africa.co.za > > > > > > CONFIDENTIALITY CAUTION: If you have received this communication in > error, please note that it is intended for the addressee only, is > private and confidential and dissemination or copying prohibited. Please > notify us immediately by e-mail and return the original message. We > cannot assure that the integrity of this communication has been > maintained nor that it is free of errors, virus, interception or > interference. Thank you Thanks, Josh Berry, CTO LinkNet-Solutions 469-831-8543 josh.berry@linknet-solutions.com From mboxrd@z Thu Jan 1 00:00:00 1970 From: "George Vieira" Subject: RE: Block Kazaa from the internal network Date: Fri, 17 Oct 2003 13:09:36 +1000 Sender: netfilter-admin@lists.netfilter.org Message-ID: <09B04A55822EFF4DA48D2E0BB2941D4A15C50C@wardrive.citadelcomputer.com.au> Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Return-path: content-class: urn:content-classes:message Errors-To: netfilter-admin@lists.netfilter.org List-Help: List-Post: List-Subscribe: , List-Id: List-Unsubscribe: , List-Archive: Content-Type: text/plain; charset="us-ascii" To: netfilter@lists.netfilter.org > iptables -A FORWARD -p udp -d 0/0 --dport 1024:65535 -m=20 > string --string > "KaZaA" -j DROP How about just blocking all UDP and allow only those needed?? saves = doing string matches on alot of ports.. I thought Kazaa used some TCP as well.. PS: Never seems to amaze me how many have Kazaa working and want to = switch it off and then there's the other half who want Kazaa and can't = get it working.... Beats me.. he he.. well actually I know why, = but............ Thanks, ____________________________________________ George Vieira Systems Manager georgev@citadelcomputer.com.au Citadel Computer Systems Pty Ltd http://www.citadelcomputer.com.au