I bought a device called a PacketHound to take care of my Napster problem. It kills the traffic. It also takes care of other P2P apps like Gnutella. Love it. It does the job and it does not cost a fortune. www.palisadesys.com LUC - -----Original Message----- From: Karim K Ismail/Toronto/IBM [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 01, 2001 5:57 PM To: fw-1-mailinglist Subject: [FW1] Napster - how does it work at port level? hello does anyone know how napster is able to work from behind the firewall, even though the firewall doesn't permit any outbound tcp high-ports and also drops all traffic initiated from outside? if i am correct, by the laws of TCP/IP, the only thing coming back should be on the same established connection, and that would be governed by what you allow outbound on your firewall. i don't permit any inbound traffic, and yet have users able to use napster. the only ports i allow outbound are http/https. is it possible that napster sets itself up such that it does its peer-to-peer file-sharing through any available open port, in this case tcp/80 and 443? any feedback would be appreciated! rgds, - -k __________________________________________________ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================