Hello Hunter,

You'll need a FW that is Content Aware. PIX is fine, but I don't think the
IOS FW feature can do that at this time.

The reason for that (Content Aware) is because you'll need to look into the
packet (i.e. L5-7) in order to see if the user is doing a "get" or "put"
(for FTP/HTTP for example). 

I'm not sure what protocols NAPSTER uses, but from the previous answers,
it's my understanding that it will use http as one of the options. If so,
depending how your rules look today, you'll need a rule to deny http put or
post to the NAPSTER servers (IPs) before the rule that allows http traffic
to the internet in addition to any other protocol that NAPSTER might use.

I never used PIX (my background is Checkpoint FW-1) so I cannot tell you the
syntax, but the logic is the same for every FW. Checkpoint calls it Content
Security.

Good luck.
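
The rule ordering described in the message above, as an added example that is not part of the original thread: a generic first-match policy model in Python, not PIX or FW-1 syntax. The `Rule` class, the `evaluate` function and the 192.0.2.0/24 range (a documentation placeholder standing in for the server IPs) are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                          # "permit" or "deny"
    dst: str                             # destination network, CIDR
    port: int                            # destination TCP port
    methods: Optional[frozenset] = None  # None = no content check

def http_method(payload: bytes) -> Optional[str]:
    """Return the method of an HTTP request line, or None if it is not HTTP."""
    parts = payload.split(b"\r\n", 1)[0].split(b" ")
    if len(parts) == 3 and parts[2].startswith(b"HTTP/"):
        return parts[0].decode("ascii", "replace").upper()
    return None

def evaluate(rules, dst_ip: str, dst_port: int, payload: bytes):
    """First-match evaluation; returns (action, index of the matching rule)."""
    method = http_method(payload)
    addr = ipaddress.ip_address(dst_ip)
    for i, rule in enumerate(rules):
        if addr not in ipaddress.ip_network(rule.dst) or rule.port != dst_port:
            continue
        # A content-aware rule only matches when the parsed method is listed.
        if rule.methods is not None and method not in rule.methods:
            continue
        return rule.action, i
    return "deny", None  # implicit deny when nothing matches

# Constructed placeholder range (RFC 5737), standing in for the servers' IPs.
SERVERS = "192.0.2.0/24"
DENY_UPLOAD = Rule("deny", SERVERS, 80, frozenset({"PUT", "POST"}))
PERMIT_HTTP = Rule("permit", "0.0.0.0/0", 80)

CORRECT_ORDER = [DENY_UPLOAD, PERMIT_HTTP]  # specific deny before general permit
WRONG_ORDER = [PERMIT_HTTP, DENY_UPLOAD]    # the deny rule is never reached

if __name__ == "__main__":
    post = b"POST /upload HTTP/1.0\r\nHost: example.invalid\r\n\r\n"  # constructed
    get = b"GET /file HTTP/1.0\r\n\r\n"                               # constructed
    for name, rules in (("correct", CORRECT_ORDER), ("wrong", WRONG_ORDER)):
        print(name, evaluate(rules, "192.0.2.10", 80, post),
              evaluate(rules, "192.0.2.10", 80, get))
```

In this model a payload on port 80 that does not parse as HTTP skips the method-based deny rule and matches the general permit, so the content check only helps when the traffic really is HTTP.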
-----Original Message-----
From: Dorroh, Hunter [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 03, 2000 12:17 AM
To: [EMAIL PROTECTED]
Subject: RE: Napster Question


Hello everyone,

I searched through the archives and found lots of good information on
blocking but I did not see anything on the possibility of allowing users to
connect to Napster and download music but NOT be permitted to upload.  Any
thoughts on how to allow this to happen via PIX or IOS FW?  I was thinking
this might limit a company's legal exposure.

Thanks,

Hunter

-----Original Message-----
From: Trevor Corness, CCNA [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 3:49 PM
To: Hal White; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: Napster Question


The list went through this several times already.

Blocking ports 4444, 5555, 6666, 7777 is useless.. since Beta6, Napster has
been able to work on ANY port, INCLUDING 80.. so to kill Napster, you would
have to kill all access to http/tcp80.. NOT good.  Blocking the IPs is the
best and most thorough solution at this time.

Also, blocking the access to the main Napster sites will block most
users, and for those that go around it, there should be a user policy in
place.  It is not totally your job to govern what the users do and do not
do.. the users should also be held responsible.  Put a political policy in
place, and if it is broken by a user by using something such as opennap,
discipline from management will solve this issue.

 Regards,
  Trevor Corness, CCNA MCSE MCP+I
  Network Systems Engineer, DataCom
  BMS Communications Ltd.
  http://www.bmscom.com

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Hal White
Sent: Friday, September 29, 2000 11:55 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: Napster Question


Blocking these IP addresses will only block users from accessing the main
napster servers and will not block access to other napster servers, such as,
opennap, which can be found easily by using the napigator program.  The best
way to block Napster is to block the ports that the client uses which are
4444,5555,6666,7777.  Don't quote me on these ports because I can't find my
documentation at the moment, but I think they are right.


Hal

>From: "Fowler, Joey" <[EMAIL PROTECTED]>
>Reply-To: "Fowler, Joey" <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: RE: Napster Question
>Date: Fri, 29 Sep 2000 13:15:19 -0400
>
>If you search the archives it has some info on this, but I just implemented
>it this morning and it seems to be working here. If you are using PIX firewall
>(or any other) create an access list using the outbound and apply commands
>to block the following addresses:
>
>People will start wandering by your desk asking if you've ever heard a
>program called Napster. I personally like to play dumb.
>
>Joey
>
>-----Original Message-----
>From: Tom Pruneau [mailto:[EMAIL PROTECTED]]
>Sent: Friday, September 29, 2000 12:29 PM
>To: [EMAIL PROTECTED]
>Subject: Napster Question
>
>
>Greetings Group
>
>Does anyone know what ports Napster uses for handshaking?
>Inbound, outbound port number?
>What would it take to block Napster?
>
>
>Thanks
>
>Tom Pruneau
>Trainer Network Operations
>GENUITY
>3 Van de Graff Drive Burlington Ma. 01803
>24 Hr. Network Operations Center 800-436-8489
>If you need to get a hold of me my hours are 7AM-3PM ET Mon-Fri
>
>---------------------------------------------------------------------------
>This email is composed of 82% post consumer recycled data bits
>---------------------------------------------------------------------------
>
>"Once in a while you get shown the light
>in the strangest of places if you look at it right"
>
>**NOTE: New CCNA/CCDA List has been formed. For more information go to
>http://www.groupstudy.com/list/Associates.html
>_________________________________
>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
>FAQ, list archives, and subscription info: http://www.groupstudy.com
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
