From: Raymond Leach <raymondl@knowledgefactory.co.za>
To: LunarFox <lunar@comcast.net>, 'netfilter' <netfilter@lists.samba.org>
Subject: Re: block Kazaa download
Date: Tue, 4 Jun 2002 07:50:47 +0200 [thread overview]
Message-ID: <200206040750.48242.raymondl@knowledgefactory.co.za> (raw)
In-Reply-To: <000301c20b79$c12c00b0$0200a8c0@JEFF>
><snip>
> anybody has a sample how to block Kazaa download?
>
> KaZaA appears to listen on port 1214. So if you block that port
> *inbound* to your machine, in theory no one should be able to download
> FROM you. Of course, you can also just tell the program not to share
> files.
>
> If you block *outbound* connections to 1214, your users should be not
> able to download from anyone ELSE. At least, that's my limited
> understanding of it, I could be completely wrong. ;)
>
> Shouldn't hurt to try one of these rules, depending on which way you're
> trying to block:
>
> $IPT -A INPUT -p tcp --dport 1214 -j DROP # Avoid people downloading
> from you, and/or
> $IPT -A OUTPUT -p tcp --dport 1214 -j DROP # Block your users from
> downloading via KaZaA
>
> I use the first rule above, because I was sick and tired of seeing
> logged packets being dropped when I wasn't even running the client.
>
> The usual caveat: people are often able to get around fixed port
> assignments and your blocking of same. I don't know if the main KaZaA
> client can do this, but I suspect it wouldn't be too hard to hack it
> (consider what's been done with KaZaA Lite).
>
I think the latest kazaa can use http proxies too, so you'll need to block
that too (with squidGuard or something similar).
> HTH,
>
> Jeff Bonner
--
----------------------------------------
Ray Leach (Technical Network Specialist)
Knowledge Factory
www: http://www.knowledgefactory.co.za
Tel: +27-11-445-8100 Direct: 445-8263
Fax: +27-11-445-8101
"No matter where you go, there you are."
----------------------------------------
next prev parent reply other threads:[~2002-06-04 5:50 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-06-04 2:45 Web based Netfilter Frontend? Fred Richards
2002-06-04 15:07 ` block Kazaa download Allan Parreno
2002-06-04 3:41 ` LunarFox
2002-06-04 5:50 ` Raymond Leach [this message]
2002-06-04 7:42 ` Erik Pagel
2002-06-04 14:56 ` Jeff Bonner
2002-06-04 20:40 ` Tim
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200206040750.48242.raymondl@knowledgefactory.co.za \
--to=raymondl@knowledgefactory.co.za \
--cc=lunar@comcast.net \
--cc=netfilter@lists.samba.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox