RE: [FW1] How to block MP3 download

Thu, 29 Jun 2000 12:44:23 -0700 


You can't block the naspter port (dynamic), so blocking access to the
catalog servers is what is recommended (or manipulating DNS)

What you have below are the Napster domains. Add all domains to a group and
block traffic to the group.

Thomas Poole

-----Original Message-----
From: John Banta [mailto:[EMAIL PROTECTED]]
Sent: Thursday, June 22, 2000 12:40 PM
To: [EMAIL PROTECTED]
Subject: RE: [FW1] How to block MP3 download



At 05:27 PM 6/21/00, you wrote:
><snip...>
>The fix at www.phoneboy.com/fw1/faq/0386.html only lists the following 5
IPs
>
>208.178.163.56/255.255.255.248
>208.178.175.128/255.255.255.248
>208.49.239.240/255.255.255.240
>208.49.228.0/255.255.255.0
>208.184.216.0/255.255.255.0
><snip...>

I am new to this list, having just installed my first FW-1 this last week, 
but as this seems to be an active thread I'm going to break the 'newbie 
shut-up and listen' protocol to ask a question. What is wrong with what I 
did? I went out and did a search on port values for Gnutella and Napster 
and found the following:

Napster : 6688, 6699, 7777, 8875 and 8888
Gnutella: 6346
BO2K: 31336, 31337 (eleet, how lame can you get?)

I then defined these as Services and built a policy of Any;Any;'The 
above-mentioned services';Drop

Is this Ok? Is it better than trying to drop the Napster servers whose DNS 
entries seem to be fluid? Or am I risking dropping other protocols that are 
being remapped to different ports by my hide address proxying?


John Banta - Geophysicist
Bass Enterprises Production Co.
voice: (817) 390-8594 fax: (817) 390-8626



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to