[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Kazza problems
On Sat, 2003-02-22 at 09:52, Danny Kjærgaard wrote:
> I im trying to block out kazaa, i did some research on the net and i sound like it cant be done. I just wantede to hear if some of you guys have a solution that works.
> I blocked the tcp port 1214. But that doesnt work. And like i read in my search kazaa will do port jumps and end up using an other port.
> If some of you have a idea or anything on block og limiting kazaa pleas post.
Rather than attempting to block a few troublesome ports, why not block
all outgoing and only allow certain services (http, pop3, smtp, etc).
Not only does this [hopefully] solve your problem, but it will help to
discover unwanted traffic (worms, trojans, etc) that you might not
Keep in mind, however, that given enough time/effort/ingenuity, a
motivated individual can bypass your outbound limitations via various
tunneling methods. Software like Kazaa is notoriously good at finding
open holes. Another good alternative that's been discussed on the misc@
list recently is using authpf.
As Bob Beck put it:
'Authpf is the technical means to make it a social solution. Authpf
works because they know they'll be held accountable for what they do if
it becomes a problem, and it doesn't matter *how* they do it. Thinking
like a "let's block stuff" firewall administrator does not solve the
root of the problem.'