Re: block kazaa - Kelly Setzer

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: Kelly Setzer <Kelly.Setzer@placemark.com>
To: Raymond Leach <raymondl@knowledgefactory.co.za>
Cc: Netfilter Mailing List <netfilter@lists.netfilter.org>
Subject: Re: block kazaa
Date: Wed, 26 Mar 2003 09:06:59 -0600	[thread overview]
Message-ID: <20030326150659.GA29683@placemark.com> (raw)
In-Reply-To: <1048656618.6605.13.camel@raylinux.internal>

On Wed, Mar 26, 2003 at 07:30:19AM +0200, Raymond Leach wrote:
> On Tue, 2003-03-25 at 23:27, paulc@ibiblio.org wrote:
> > The way I block Kazaa (and the other file sharing applications) is a 
> > blanket ban on all ports by default. I then open the ports as I think is 
> > appropriate at the firewall. These only include the port 23 for anyone 
> > wishing to use telnet. All web and ftp style ports on 80, 21 and the like 
> > are handled by a web-proxy to prevent using them for other purposes. All 
> > incoming connects (and lots of ICMP messages) are dropped by the firewall also.
> > 
> How do you get passive ftp to work and not allow file sharing networks?

Do you mean active ftp?  Passive ftp uses outbound connections for
both control (20) and data (21).  Active ftp uses an inbound
connection on port 21.  Force your users to use passive ftp only.
Most clients default to that anyway.

Kelly

--
Kelly Setzer, System Administrator/Architect - Placemark Investments
14180 Dallas Pkwy, Suite 200, Dallas, TX 75240
kelly.setzer@placemark.com  http://www.placemark.com
(972)404-8100x41 (work)       (214) 287-3464 (cell)

next prev parent reply	other threads:[~2003-03-26 15:06 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20030325183312.2501.87766.Mailman@kashyyyk>
2003-03-25 21:27 ` block kazaa paulc
2003-03-25 21:45   ` Kelly Setzer
2003-03-26  5:30   ` Raymond Leach
2003-03-26  8:14     ` Paul Colclough
2003-03-26 15:06     ` Kelly Setzer [this message]
2003-03-26 15:14       ` Raymond Leach
2003-03-27 21:14 per j
  -- strict thread matches above, loose matches on Subject: below --
2003-03-25 14:46 realsite internetcafe
2003-03-25 15:27 ` Scott Radvan
2003-03-25 15:57   ` Maciej Soltysiak
2003-03-26  5:22     ` Raymond Leach

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20030326150659.GA29683@placemark.com \
    --to=kelly.setzer@placemark.com \
    --cc=netfilter@lists.netfilter.org \
    --cc=raymondl@knowledgefactory.co.za \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox