From: Scott Radvan <scott@radsy.com>
To: netfilter@lists.netfilter.org
Subject: Re: block kazaa
Date: Wed, 26 Mar 2003 01:27:10 +1000 [thread overview]
Message-ID: <20030326012710.2c9f4e37.scott@radsy.com> (raw)
In-Reply-To: <20030325144636.21700.qmail@web80403.mail.yahoo.com>
On Tue, 25 Mar 2003 14:46:36 +0000 (GMT)
realsite internetcafe <realsiteinternetcafe@yahoo.com> wrote:
> according to many port 1214 is kazaa's port, not until
> i monitored my lan, it changes from time to time! now
> how do i disable kazaa from my network? any other way?
>
> blocking kazaa is my last resort, but what i want is
> just to limit the workstations' internet bandwidth if
> kazaa is used. ive tried cbq and tc but my kernel
> doesnt seem to support it RTNETLINK: Invalid Argument
> ??
>
> well whats important is i need tips.. any better suggestion?
It is true that in more recent versions of KaZaA and KaZaALite, the incoming port can be modified to work on whatever is asked of it.
I assume by your sender address that you are in control of an Internet cafe.
One thing that's possible is to perform some sort of registry hack to disable the 'options' setting of kazaa. That way you can be sure that Kazaa will only connect at 1214, and can take control of it. Obviously, change them all to port 1214 and other settings that you want as standard, then implement a reg-hack across the clients, so that the port can't be changed. Not my area, but I imagine that's a decent option. Try to beat it at the client-end. Also, consider reverting to older clients that don't give the option of changing ports. Keep in mind you may not be able to log onto the KaZaA network with these older client versions.
However, KaZaA has gotten markedly difficult to firewall, filter and monitor at the server/gateway end, thanks to this port flexibility. If you can't reg-hack the thing, my wild guess would be to examine the TCP transmission techniques to see if anything is done differently in Kazaa than any other app. You _may_ be able to then filter based on this. Throw Ethereal on and see if you can filter Kazaa-like traffic. I could be, and most likely am, glaringly wrong on this one.
I am unaware of any specific netfilter technique to simply block the newer versions of kazaa. Wish I could help you further. Good Luck.
=====
"I don't like spinach, and I'm glad I don't, because if I liked it I'd
eat it, and I just hate it."
-- Clarence Darrow
=====
next prev parent reply other threads:[~2003-03-25 15:27 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-03-25 14:46 block kazaa realsite internetcafe
2003-03-25 15:27 ` Scott Radvan [this message]
2003-03-25 15:57 ` Maciej Soltysiak
2003-03-26 5:22 ` Raymond Leach
[not found] <20030325183312.2501.87766.Mailman@kashyyyk>
2003-03-25 21:27 ` paulc
2003-03-25 21:45 ` Kelly Setzer
2003-03-26 5:30 ` Raymond Leach
2003-03-26 8:14 ` Paul Colclough
2003-03-26 15:06 ` Kelly Setzer
2003-03-26 15:14 ` Raymond Leach
-- strict thread matches above, loose matches on Subject: below --
2003-03-27 21:14 per j
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20030326012710.2c9f4e37.scott@radsy.com \
--to=scott@radsy.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox