RE: Napster Question
The list went through this several times already. Blocking ports , , , is useless.. since Beta6, Napster = has been able to work on ANY port, INCLUDING 80.. so to kill Napster, you = would have to kill all access to http/tcp80.. NOT good. Blocking the IPs is = the best and most thorough solution at this time. Also, besides blocking the access to the main Napster sites will block = most users, and for those that go around it, there should be a user policy in place. It is not totally your job to govern what the users do and do = not do.. the users should also be held responsible. Put a political policy = in place, and if it is broken by a user by using something such as opennap, discipline from management will solve this issue. Regards, Trevor Corness, CCNA MCSE MCP+I Network Systems Engineer, DataCom BMS Communications Ltd. http://www.bmscom.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Hal White Sent: Friday, September 29, 2000 11:55 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Napster Question Blocking these IP addresses will only block users from accessing the = main napster servers and will not block access to other napster servers, such = as, opennap, which can be found easily by using the napigator program. The = best way to block Napster is to block the ports that the client uses which = are ,,,. Don't quote me on these ports because I can't find = my documentation at the moment, but I think they are right. Hal >From: "Fowler, Joey" <[EMAIL PROTECTED]> >Reply-To: "Fowler, Joey" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: RE: Napster Question >Date: Fri, 29 Sep 2000 13:15:19 -0400 > >If you search the archives it has some info on this, but I just = implemented >it this morning and it seems to working here. If you are using PIX = firewall >(or any other) create an access list using the outbound and apply = commands >to block the following addresses: > >208.184.216.0 /24 >208.178.167.0 /24 >208.178.163.61 >208.184.175.130 >208.184.175.131 >208.184.175.132 >208.184.175.134 >208.49.239.242 >208.49.239.247 >208.49.239.248 > >People will start wandering by your desk asking if you've ever heard a >program called Napster. I personally like to dumb. > >Joey > >-Original Message- >From: Tom Pruneau [mailto:[EMAIL PROTECTED]] >Sent: Friday, September 29, 2000 12:29 PM >To: [EMAIL PROTECTED] >Subject: Napster Question > > >Greetings Group > >Does anyone know what ports Napster usies for handshaking? >Inbound, outbound port number? >What would it take to block Napster? > > >Thanks > >Tom Pruneau >Trainer Network Operations >GENUITY >3 Van de Graff Drive Burlington Ma. 01803 >24 Hr. Network Operations Center 800-436-8489 >If you need to get a hold of me my hours are 7AM-3PM ET Mon-Fri > >= --- >This email is composed of 82% post consumer recycled data bits >= --- > >"Once in a while you get shown the light >in the strangest of places if you look at it right" > >**NOTE: New CCNA/CCDA List has been formed. For more information go to >http://www.groupstudy.com/list/Associates.html >_ >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html >FAQ, list archives, and subscription info: http://www.groupstudy.com >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _= Get Your Private, Free E-mail from MSN Hotmail at = http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Napster Question
I'll agree with Jeff in that Napters/Scour or any client/server technology can use HTTP to transfer files across most firewalls. But even with MIME content-type filtering, this would not prevent someone from sending a MP3 declared as a GIF between custom "web" clients and servers. The only way fully block Web based Napster types is to look inside the MIME files further to detect MP3 patterns (are there any?) in the files (yuck) or return to text only (with tags of course). There goes the GIFs :-) Or we can adapt to the situation and seriously examine of efficiency and cost of the current music distribution "INDUSTRY". Personally, "I want to pay for the songs I listen and I also want to pay for people creating playlists. Lastly, I'll pay for the delivery (the Internet), [has anyone figure out what a 10 minute songs costs in terms of bandwidth? MP3 would chew up our link if we didn't limit it through QOS.] I'll give each of these portions of the music delivery a few cents" In sort: "Take the INDUSTRY out of the RECORDING" nuff rambling. The Internet: Resistance is futile, you have already been assimilated :) [EMAIL PROTECTED] On Tue, 3 Oct 2000, Jeff Kell wrote: > Date: Tue, 03 Oct 2000 22:23:10 -0400 > From: Jeff Kell <[EMAIL PROTECTED]> > To: Tom Pruneau <[EMAIL PROTECTED]> > Cc: "Dorroh, Hunter" <[EMAIL PROTECTED]>, [EMAIL PROTECTED] > Subject: Re: Napster Question > > Tom Pruneau wrote: > > > > How about just permitting established connections. That should do > > it, only allowing responses to you requests > > You're missing the point. Napster can work around much of this. Scour > certainly can (it has "push" capability, using an established > connection), and Scour fully supports HTTP protocol. You would have to > filter based on HTTP transfer, and MIME content-type to really block it > completely. > > Blocking access to the "Napster" servers only blocks access to the index > servers. Actual file transfers don't involve the Napster netblock > (AFAIK). Then there is Napigator (out-of-band Napster index servers). > > It will likely only get worse :-( > > Jeff Kell <[EMAIL PROTECTED]> > > **NOTE: New CCNA/CCDA List has been formed. For more information go to > http://www.groupstudy.com/list/Associates.html > _ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Napster Question
The easiest way to circumvent the whole napster problem is to put into effect a security policy that states that anyone caught downloading .mp3's and anything else similar in function will be held accountable with their jobs etc. Just make sure you get the backing of the big-wigs before you go yelling. - Original Message - From: Jeff Kell <[EMAIL PROTECTED]> To: Tom Pruneau <[EMAIL PROTECTED]> Cc: Dorroh, Hunter <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, October 03, 2000 7:20 PM Subject: Re: Napster Question > Tom Pruneau wrote: > > > > How about just permitting established connections. That should do > > it, only allowing responses to you requests > > You're missing the point. Napster can work around much of this. Scour > certainly can (it has "push" capability, using an established > connection), and Scour fully supports HTTP protocol. You would have to > filter based on HTTP transfer, and MIME content-type to really block it > completely. > > Blocking access to the "Napster" servers only blocks access to the index > servers. Actual file transfers don't involve the Napster netblock > (AFAIK). Then there is Napigator (out-of-band Napster index servers). > > It will likely only get worse :-( > > Jeff Kell <[EMAIL PROTECTED]> > > **NOTE: New CCNA/CCDA List has been formed. For more information go to > http://www.groupstudy.com/list/Associates.html > _ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Napster Question
Tom Pruneau wrote: > > How about just permitting established connections. That should do > it, only allowing responses to you requests You're missing the point. Napster can work around much of this. Scour certainly can (it has "push" capability, using an established connection), and Scour fully supports HTTP protocol. You would have to filter based on HTTP transfer, and MIME content-type to really block it completely. Blocking access to the "Napster" servers only blocks access to the index servers. Actual file transfers don't involve the Napster netblock (AFAIK). Then there is Napigator (out-of-band Napster index servers). It will likely only get worse :-( Jeff Kell <[EMAIL PROTECTED]> **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Napster Question
Tom Pruneau wrote: > > How about just permitting established connections. That should do > it, only allowing responses to you requests You're missing the point. Napster can work around much of this. Scour certainly can (it has "push" capability, using an established connection), and Scour fully supports HTTP protocol. You would have to filter based on HTTP transfer, and MIME content-type to really block it completely. Blocking access to the "Napster" servers only blocks access to the index servers. Actual file transfers don't involve the Napster netblock (AFAIK). Then there is Napigator (out-of-band Napster index servers). It will likely only get worse :-( Jeff Kell <[EMAIL PROTECTED]> **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Napster Question
I know very little about the PIX firewalls, (Though I'd love to learn!) What we've done at our location is to Block all of the Ip's belonging to Napster.com, and we scan the users home directories for MP3's at night when we do the backup. If any are found, the owner of the file is contacted, Warned that they are in violation of the Microcomputer Standards Agreement, and give them the opportunity to contribute to the "Buy more Internet Bandwidth" fund. (Then we randomly delete files from their PC over the next few weeks without their knowledge. When it breaks, we blame Napster!) Wait, no... that's what I wish we could do. Really we just block the napster.com Ip's. Good luck [EMAIL PROTECTED] Original Message Follows From: "Dorroh, Hunter" <[EMAIL PROTECTED]> To: 'Ejay Hire' <[EMAIL PROTECTED]> Subject: RE: Napster Question Date: Tue, 3 Oct 2000 11:06:33 -0400 Ejay, Using the PIX 520 would I be able to use content checking i.e. L5-7 and stop it then? That darn tricky software... we must stop it now :) Hunter -Original Message- From: Ejay Hire [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 03, 2000 11:00 AM To: [EMAIL PROTECTED] Subject: RE: Napster Question Napster is a very dynamic piece of software. If you deny incoming connections on the napster File Transfer ports, but allow established, then the Napster software inside your network will open a connection for the transfer and then let the client download. Very sneaky/cool. Original Message Follows From: "Dorroh, Hunter" <[EMAIL PROTECTED]> Reply-To: "Dorroh, Hunter" <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: RE: Napster Question Date: Tue, 3 Oct 2000 00:16:48 -0400 Hello everyone, I searched through the archives and found lots of good information on blocking but I did not see anything on the possibility of allowing users to connect to Napster and download music but NOT be permitted to upload. Any thoughts on how to allow this to happen via PIX or IOS FW? I was thinking this might limit a company's legal exposure. Thanks, Hunter -Original Message- From: Trevor Corness, CCNA [mailto:[EMAIL PROTECTED]] Sent: Friday, September 29, 2000 3:49 PM To: Hal White; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Napster Question The list went through this several times already. Blocking ports , , , is useless.. since Beta6, Napster has been able to work on ANY port, INCLUDING 80.. so to kill Napster, you would have to kill all access to http/tcp80.. NOT good. Blocking the IPs is the best and most thorough solution at this time. Also, besides blocking the access to the main Napster sites will block most users, and for those that go around it, there should be a user policy in place. It is not totally your job to govern what the users do and do not do.. the users should also be held responsible. Put a political policy in place, and if it is broken by a user by using something such as opennap, discipline from management will solve this issue. Regards, Trevor Corness, CCNA MCSE MCP+I Network Systems Engineer, DataCom BMS Communications Ltd. http://www.bmscom.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Hal White Sent: Friday, September 29, 2000 11:55 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Napster Question Blocking these IP addresses will only block users from accessing the main napster servers and will not block access to other napster servers, such as, opennap, which can be found easily by using the napigator program. The best way to block Napster is to block the ports that the client uses which are ,,,. Don't quote me on these ports because I can't find my documentation at the moment, but I think they are right. Hal >From: "Fowler, Joey" <[EMAIL PROTECTED]> >Reply-To: "Fowler, Joey" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: RE: Napster Question >Date: Fri, 29 Sep 2000 13:15:19 -0400 > >If you search the archives it has some info on this, but I just implemented >it this morning and it seems to working here. If you are using PIX firewall >(or any other) create an access list using the outbound and apply commands >to block the following addresses: > >208.184.216.0 /24 >208.178.167.0 /24 >208.178.163.61 >208.184.175.130 >208.184.175.131 >208.184.175.132 >208.184.175.134 >208.49.239.242 >208.49.239.247 >208.49.239.248 > >People will start wandering by your desk asking if you've ever heard a >program called Napster. I personally like to dumb. > >Joey > >-Original Message- >From: Tom Pruneau [mailto:[EMAIL PROTECTED]] >Sent: Friday, S
RE: Napster Question
I just want to configure my client to connect to the napster server. >>> "Spolidoro, Guilherme" <[EMAIL PROTECTED]> 10/03/00 09:20AM >>> Hello Hunter, You'll need a FW that is Content Aware. PIX is fine, but I don't think the IOS FW feature can do that at this time. The reason for that (Content Aware) is because you'll need to look into the packet (i.e. L5-7) in order to see if the user is doing a "get" or "put" (for FTP/HTTP for example). I'm not sure what protocols NAPSTER uses, but from the previous answers, it's my understanding that it will use http as one of the options. If so, depending how your rules look today, you'll need a rule to deny http put or post to the NAPSTER servers (IPs) before the rule that allows http traffic to the internet in addition to any other protocol that NAPSTER might use. I never used PIX (my background is Checkpoint FW-1) so I cannot tell you the syntax, but the logic is the same for every FW. Checkpoint call it Content Security. Good luck. -Original Message- From: Dorroh, Hunter [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 03, 2000 12:17 AM To: [EMAIL PROTECTED] Subject: RE: Napster Question Hello everyone, I searched through the archives and found lots of good information on blocking but I did not see anything on the possibility of allowing users to connect to Napster and download music but NOT be permitted to upload. Any thoughts on how to allow this to happen via PIX or IOS FW? I was thinking this might limit a company's legal exposure. Thanks, Hunter -Original Message- From: Trevor Corness, CCNA [mailto:[EMAIL PROTECTED]] Sent: Friday, September 29, 2000 3:49 PM To: Hal White; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Napster Question The list went through this several times already. Blocking ports , , , is useless.. since Beta6, Napster has been able to work on ANY port, INCLUDING 80.. so to kill Napster, you would have to kill all access to http/tcp80.. NOT good. Blocking the IPs is the best and most thorough solution at this time. Also, besides blocking the access to the main Napster sites will block most users, and for those that go around it, there should be a user policy in place. It is not totally your job to govern what the users do and do not do.. the users should also be held responsible. Put a political policy in place, and if it is broken by a user by using something such as opennap, discipline from management will solve this issue. Regards, Trevor Corness, CCNA MCSE MCP+I Network Systems Engineer, DataCom BMS Communications Ltd. http://www.bmscom.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Hal White Sent: Friday, September 29, 2000 11:55 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Napster Question Blocking these IP addresses will only block users from accessing the main napster servers and will not block access to other napster servers, such as, opennap, which can be found easily by using the napigator program. The best way to block Napster is to block the ports that the client uses which are ,,,. Don't quote me on these ports because I can't find my documentation at the moment, but I think they are right. Hal >From: "Fowler, Joey" <[EMAIL PROTECTED]> >Reply-To: "Fowler, Joey" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: RE: Napster Question >Date: Fri, 29 Sep 2000 13:15:19 -0400 > >If you search the archives it has some info on this, but I just implemented >it this morning and it seems to working here. If you are using PIX firewall >(or any other) create an access list using the outbound and apply commands >to block the following addresses: > >208.184.216.0 /24 >208.178.167.0 /24 >208.178.163.61 >208.184.175.130 >208.184.175.131 >208.184.175.132 >208.184.175.134 >208.49.239.242 >208.49.239.247 >208.49.239.248 > >People will start wandering by your desk asking if you've ever heard a >program called Napster. I personally like to dumb. > >Joey > >-Original Message- >From: Tom Pruneau [mailto:[EMAIL PROTECTED]] >Sent: Friday, September 29, 2000 12:29 PM >To: [EMAIL PROTECTED] >Subject: Napster Question > > >Greetings Group > >Does anyone know what ports Napster usies for handshaking? >Inbound, outbound port number? >What would it take to block Napster? > > >Thanks > >Tom Pruneau >Trainer Network Operations >GENUITY >3 Van de Graff Drive Burlington Ma. 01803 >24 Hr. Network Operations Center 800-436-8489 >If you need to get a hold of me my hours are 7AM-3PM ET Mon-Fri > >--- >This email is composed o
RE: Napster Question
Hello Hunter, You'll need a FW that is Content Aware. PIX is fine, but I don't think the IOS FW feature can do that at this time. The reason for that (Content Aware) is because you'll need to look into the packet (i.e. L5-7) in order to see if the user is doing a "get" or "put" (for FTP/HTTP for example). I'm not sure what protocols NAPSTER uses, but from the previous answers, it's my understanding that it will use http as one of the options. If so, depending how your rules look today, you'll need a rule to deny http put or post to the NAPSTER servers (IPs) before the rule that allows http traffic to the internet in addition to any other protocol that NAPSTER might use. I never used PIX (my background is Checkpoint FW-1) so I cannot tell you the syntax, but the logic is the same for every FW. Checkpoint call it Content Security. Good luck. -Original Message- From: Dorroh, Hunter [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 03, 2000 12:17 AM To: [EMAIL PROTECTED] Subject: RE: Napster Question Hello everyone, I searched through the archives and found lots of good information on blocking but I did not see anything on the possibility of allowing users to connect to Napster and download music but NOT be permitted to upload. Any thoughts on how to allow this to happen via PIX or IOS FW? I was thinking this might limit a company's legal exposure. Thanks, Hunter -Original Message- From: Trevor Corness, CCNA [mailto:[EMAIL PROTECTED]] Sent: Friday, September 29, 2000 3:49 PM To: Hal White; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Napster Question The list went through this several times already. Blocking ports , , , is useless.. since Beta6, Napster has been able to work on ANY port, INCLUDING 80.. so to kill Napster, you would have to kill all access to http/tcp80.. NOT good. Blocking the IPs is the best and most thorough solution at this time. Also, besides blocking the access to the main Napster sites will block most users, and for those that go around it, there should be a user policy in place. It is not totally your job to govern what the users do and do not do.. the users should also be held responsible. Put a political policy in place, and if it is broken by a user by using something such as opennap, discipline from management will solve this issue. Regards, Trevor Corness, CCNA MCSE MCP+I Network Systems Engineer, DataCom BMS Communications Ltd. http://www.bmscom.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Hal White Sent: Friday, September 29, 2000 11:55 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Napster Question Blocking these IP addresses will only block users from accessing the main napster servers and will not block access to other napster servers, such as, opennap, which can be found easily by using the napigator program. The best way to block Napster is to block the ports that the client uses which are ,,,. Don't quote me on these ports because I can't find my documentation at the moment, but I think they are right. Hal >From: "Fowler, Joey" <[EMAIL PROTECTED]> >Reply-To: "Fowler, Joey" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: RE: Napster Question >Date: Fri, 29 Sep 2000 13:15:19 -0400 > >If you search the archives it has some info on this, but I just implemented >it this morning and it seems to working here. If you are using PIX firewall >(or any other) create an access list using the outbound and apply commands >to block the following addresses: > >208.184.216.0 /24 >208.178.167.0 /24 >208.178.163.61 >208.184.175.130 >208.184.175.131 >208.184.175.132 >208.184.175.134 >208.49.239.242 >208.49.239.247 >208.49.239.248 > >People will start wandering by your desk asking if you've ever heard a >program called Napster. I personally like to dumb. > >Joey > >-Original Message- >From: Tom Pruneau [mailto:[EMAIL PROTECTED]] >Sent: Friday, September 29, 2000 12:29 PM >To: [EMAIL PROTECTED] >Subject: Napster Question > > >Greetings Group > >Does anyone know what ports Napster usies for handshaking? >Inbound, outbound port number? >What would it take to block Napster? > > >Thanks > >Tom Pruneau >Trainer Network Operations >GENUITY >3 Van de Graff Drive Burlington Ma. 01803 >24 Hr. Network Operations Center 800-436-8489 >If you need to get a hold of me my hours are 7AM-3PM ET Mon-Fri > >--- >This email is composed of 82% post consumer recycled data bits >--- > >"Once in a while you get shown the light >in the stranges
RE: Napster Question
I think the key is to allow outbound packets to the Napster servers and other PCs on the Internet, but not allowing external PCs to establish a connection to your users' PCs. Find out the ports that a PC running Napster is listening on, and then block those at the FW. A PIX should do this by default, unless you specifically added a conduit statement to allow Napster. The access list on the outside interface of a router with FW FS should not allow inbound Napster connections. On the Napster client, you'll need to pick the 'I'm behind a firewall, and can't do anything about it' (or something like that) option. I'm blocking Napster both ways at work, so I can't test it for you. HTH Chuck Church CCNP, CCDP, MCNE, MCSE Sr. Network Engineer Magnacom Technologies 140 N. Rt. 303 Valley Cottage, NY 10989 845-267-4000 x218 >Hello everyone, > >I searched through the archives and found lots of good information on >blocking but I did not see anything on the possibility of allowing users to >connect to Napster and download music but NOT be permitted to upload. **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Napster Question
How about just permitting established connections. That should do it, only allowing responses to you requests At 12:16 AM 10/03/2000 -0400, Dorroh, Hunter wrote: >Hello everyone, > >I searched through the archives and found lots of good information on >blocking but I did not see anything on the possibility of allowing users to >connect to Napster and download music but NOT be permitted to upload. Any >thoughts on how to allow this to happen via PIX or IOS FW? I was thinking >this might limit a company's legal exposure. > >Thanks, > >Hunter > >-Original Message- >From: Trevor Corness, CCNA [mailto:[EMAIL PROTECTED]] >Sent: Friday, September 29, 2000 3:49 PM >To: Hal White; [EMAIL PROTECTED]; [EMAIL PROTECTED] >Subject: RE: Napster Question > > >The list went through this several times already. > >Blocking ports , , , is useless.. since Beta6, Napster has >been able to work on ANY port, INCLUDING 80.. so to kill Napster, you would >have to kill all access to http/tcp80.. NOT good. Blocking the IPs is the >best and most thorough solution at this time. > >Also, besides blocking the access to the main Napster sites will block most >users, and for those that go around it, there should be a user policy in >place. It is not totally your job to govern what the users do and do not >do.. the users should also be held responsible. Put a political policy in >place, and if it is broken by a user by using something such as opennap, >discipline from management will solve this issue. > > Regards, > Trevor Corness, CCNA MCSE MCP+I > Network Systems Engineer, DataCom > BMS Communications Ltd. > http://www.bmscom.com > >-Original Message- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of >Hal White >Sent: Friday, September 29, 2000 11:55 AM >To: [EMAIL PROTECTED]; [EMAIL PROTECTED] >Subject: RE: Napster Question > > >Blocking these IP addresses will only block users from accessing the main >napster servers and will not block access to other napster servers, such as, >opennap, which can be found easily by using the napigator program. The best >way to block Napster is to block the ports that the client uses which are >,,,. Don't quote me on these ports because I can't find my >documentation at the moment, but I think they are right. > > >Hal > >>From: "Fowler, Joey" <[EMAIL PROTECTED]> >>Reply-To: "Fowler, Joey" <[EMAIL PROTECTED]> >>To: [EMAIL PROTECTED] >>Subject: RE: Napster Question >>Date: Fri, 29 Sep 2000 13:15:19 -0400 >> >>If you search the archives it has some info on this, but I just implemented >>it this morning and it seems to working here. If you are using PIX firewall >>(or any other) create an access list using the outbound and apply commands >>to block the following addresses: >> >>208.184.216.0 /24 >>208.178.167.0 /24 >>208.178.163.61 >>208.184.175.130 >>208.184.175.131 >>208.184.175.132 >>208.184.175.134 >>208.49.239.242 >>208.49.239.247 >>208.49.239.248 >> >>People will start wandering by your desk asking if you've ever heard a >>program called Napster. I personally like to dumb. >> >>Joey >> >>-Original Message- >>From: Tom Pruneau [mailto:[EMAIL PROTECTED]] >>Sent: Friday, September 29, 2000 12:29 PM >>To: [EMAIL PROTECTED] >>Subject: Napster Question >> >> >>Greetings Group >> >>Does anyone know what ports Napster usies for handshaking? >>Inbound, outbound port number? >>What would it take to block Napster? >> >> >>Thanks >> >>Tom Pruneau >>Trainer Network Operations >>GENUITY >>3 Van de Graff Drive Burlington Ma. 01803 >>24 Hr. Network Operations Center 800-436-8489 >>If you need to get a hold of me my hours are 7AM-3PM ET Mon-Fri >> >>--- >>This email is composed of 82% post consumer recycled data bits >>--- >> >>"Once in a while you get shown the light >>in the strangest of places if you look at it right" >> >>**NOTE: New CCNA/CCDA List has been formed. For more information go to >>http://www.groupstudy.com/list/Associates.html >>_ >>UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html >>FAQ, list archives, and subscription info: http://www.groupstudy.com >>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] >
RE: Napster Question
Hello everyone, I searched through the archives and found lots of good information on blocking but I did not see anything on the possibility of allowing users to connect to Napster and download music but NOT be permitted to upload. Any thoughts on how to allow this to happen via PIX or IOS FW? I was thinking this might limit a company's legal exposure. Thanks, Hunter -Original Message- From: Trevor Corness, CCNA [mailto:[EMAIL PROTECTED]] Sent: Friday, September 29, 2000 3:49 PM To: Hal White; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Napster Question The list went through this several times already. Blocking ports , , , is useless.. since Beta6, Napster has been able to work on ANY port, INCLUDING 80.. so to kill Napster, you would have to kill all access to http/tcp80.. NOT good. Blocking the IPs is the best and most thorough solution at this time. Also, besides blocking the access to the main Napster sites will block most users, and for those that go around it, there should be a user policy in place. It is not totally your job to govern what the users do and do not do.. the users should also be held responsible. Put a political policy in place, and if it is broken by a user by using something such as opennap, discipline from management will solve this issue. Regards, Trevor Corness, CCNA MCSE MCP+I Network Systems Engineer, DataCom BMS Communications Ltd. http://www.bmscom.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Hal White Sent: Friday, September 29, 2000 11:55 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Napster Question Blocking these IP addresses will only block users from accessing the main napster servers and will not block access to other napster servers, such as, opennap, which can be found easily by using the napigator program. The best way to block Napster is to block the ports that the client uses which are ,,,. Don't quote me on these ports because I can't find my documentation at the moment, but I think they are right. Hal >From: "Fowler, Joey" <[EMAIL PROTECTED]> >Reply-To: "Fowler, Joey" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: RE: Napster Question >Date: Fri, 29 Sep 2000 13:15:19 -0400 > >If you search the archives it has some info on this, but I just implemented >it this morning and it seems to working here. If you are using PIX firewall >(or any other) create an access list using the outbound and apply commands >to block the following addresses: > >208.184.216.0 /24 >208.178.167.0 /24 >208.178.163.61 >208.184.175.130 >208.184.175.131 >208.184.175.132 >208.184.175.134 >208.49.239.242 >208.49.239.247 >208.49.239.248 > >People will start wandering by your desk asking if you've ever heard a >program called Napster. I personally like to dumb. > >Joey > >-Original Message- >From: Tom Pruneau [mailto:[EMAIL PROTECTED]] >Sent: Friday, September 29, 2000 12:29 PM >To: [EMAIL PROTECTED] >Subject: Napster Question > > >Greetings Group > >Does anyone know what ports Napster usies for handshaking? >Inbound, outbound port number? >What would it take to block Napster? > > >Thanks > >Tom Pruneau >Trainer Network Operations >GENUITY >3 Van de Graff Drive Burlington Ma. 01803 >24 Hr. Network Operations Center 800-436-8489 >If you need to get a hold of me my hours are 7AM-3PM ET Mon-Fri > >--- >This email is composed of 82% post consumer recycled data bits >--- > >"Once in a while you get shown the light >in the strangest of places if you look at it right" > >**NOTE: New CCNA/CCDA List has been formed. For more information go to >http://www.groupstudy.com/list/Associates.html >_ >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html >FAQ, list archives, and subscription info: http://www.groupstudy.com >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] **NOTE: New CCNA/CCDA List has been formed. Fo
RE: Napster Question
Is anybody having problems connecting to the napster server? I sure am. Any ideas? >>> "Hal White" <[EMAIL PROTECTED]> 09/29/00 03:14PM >>> I found my documentation and of course my memory had failed me. The ports for napster are ,6699,,9009. I think blocking these will disable napster. >From: "Fowler, Joey" <[EMAIL PROTECTED]> >Reply-To: "Fowler, Joey" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: RE: Napster Question >Date: Fri, 29 Sep 2000 13:15:19 -0400 > >If you search the archives it has some info on this, but I just implemented >it this morning and it seems to working here. If you are using PIX firewall >(or any other) create an access list using the outbound and apply commands >to block the following addresses: > >208.184.216.0 /24 >208.178.167.0 /24 >208.178.163.61 >208.184.175.130 >208.184.175.131 >208.184.175.132 >208.184.175.134 >208.49.239.242 >208.49.239.247 >208.49.239.248 > >People will start wandering by your desk asking if you've ever heard a >program called Napster. I personally like to dumb. > >Joey > >-Original Message- >From: Tom Pruneau [mailto:[EMAIL PROTECTED]] >Sent: Friday, September 29, 2000 12:29 PM >To: [EMAIL PROTECTED] >Subject: Napster Question > > >Greetings Group > >Does anyone know what ports Napster usies for handshaking? >Inbound, outbound port number? >What would it take to block Napster? > > >Thanks > >Tom Pruneau >Trainer Network Operations >GENUITY >3 Van de Graff Drive Burlington Ma. 01803 >24 Hr. Network Operations Center 800-436-8489 >If you need to get a hold of me my hours are 7AM-3PM ET Mon-Fri > >--- >This email is composed of 82% post consumer recycled data bits >--- > >"Once in a while you get shown the light >in the strangest of places if you look at it right" > >**NOTE: New CCNA/CCDA List has been formed. For more information go to >http://www.groupstudy.com/list/Associates.html >_ >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html >FAQ, list archives, and subscription info: http://www.groupstudy.com >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Napster Question
"Trevor Corness, CCNA" wrote: > > The list went through this several times already. > > Blocking ports , , , is useless.. since Beta6, Napster has > been able to work on ANY port, INCLUDING 80.. so to kill Napster, you would > have to kill all access to http/tcp80.. NOT good. Blocking the IPs is the > best and most thorough solution at this time. The closest "block" would be to negate my access list below, but this list is what we have used to at least get an idea of the level of Napster use. My comments thrown in: Extended IP access list ingress-filter (well, a piece of it) ! real-time streaming protocol permit tcp any eq 554 any (1313 matches) ! default Scour port if I recall correctly permit tcp any eq 1863 any (1591 matches) ! to signon to the Napster service defaults to port 8875; usually ! just one or a few packets to establish a signon and get an index ! server permit tcp any eq 8875 any log-input (222 matches) ! Index servers typically on //// permit tcp any eq any (10200 matches) permit tcp any eq any (6719 matches) permit tcp any eq any (4 matches) ! Default Gnutella port permit tcp any eq 6346 any permit tcp any any eq 6346 ! More Napster index ports permit tcp any eq any permit tcp any eq any (7 matches) ! Typical range of Napster file transfers permit tcp any range 6680 6699 any (4800 matches) permit tcp any any range 6680 6699 Now that fall semester is back in full swing, we had a big increase in file sharing traffic, so we are playing with 'traffic-shape group' command to try and limit their bandwidth. I'd be interested in the configs if anyone else is doing this (or similar) to throttle traffic. Jeff Kell <[EMAIL PROTECTED]> **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Napster Question
The list went through this several times already. Blocking ports , , , is useless.. since Beta6, Napster has been able to work on ANY port, INCLUDING 80.. so to kill Napster, you would have to kill all access to http/tcp80.. NOT good. Blocking the IPs is the best and most thorough solution at this time. Also, besides blocking the access to the main Napster sites will block most users, and for those that go around it, there should be a user policy in place. It is not totally your job to govern what the users do and do not do.. the users should also be held responsible. Put a political policy in place, and if it is broken by a user by using something such as opennap, discipline from management will solve this issue. Regards, Trevor Corness, CCNA MCSE MCP+I Network Systems Engineer, DataCom BMS Communications Ltd. http://www.bmscom.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Hal White Sent: Friday, September 29, 2000 11:55 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Napster Question Blocking these IP addresses will only block users from accessing the main napster servers and will not block access to other napster servers, such as, opennap, which can be found easily by using the napigator program. The best way to block Napster is to block the ports that the client uses which are ,,,. Don't quote me on these ports because I can't find my documentation at the moment, but I think they are right. Hal >From: "Fowler, Joey" <[EMAIL PROTECTED]> >Reply-To: "Fowler, Joey" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: RE: Napster Question >Date: Fri, 29 Sep 2000 13:15:19 -0400 > >If you search the archives it has some info on this, but I just implemented >it this morning and it seems to working here. If you are using PIX firewall >(or any other) create an access list using the outbound and apply commands >to block the following addresses: > >208.184.216.0 /24 >208.178.167.0 /24 >208.178.163.61 >208.184.175.130 >208.184.175.131 >208.184.175.132 >208.184.175.134 >208.49.239.242 >208.49.239.247 >208.49.239.248 > >People will start wandering by your desk asking if you've ever heard a >program called Napster. I personally like to dumb. > >Joey > >-Original Message- >From: Tom Pruneau [mailto:[EMAIL PROTECTED]] >Sent: Friday, September 29, 2000 12:29 PM >To: [EMAIL PROTECTED] >Subject: Napster Question > > >Greetings Group > >Does anyone know what ports Napster usies for handshaking? >Inbound, outbound port number? >What would it take to block Napster? > > >Thanks > >Tom Pruneau >Trainer Network Operations >GENUITY >3 Van de Graff Drive Burlington Ma. 01803 >24 Hr. Network Operations Center 800-436-8489 >If you need to get a hold of me my hours are 7AM-3PM ET Mon-Fri > >--- >This email is composed of 82% post consumer recycled data bits >--- > >"Once in a while you get shown the light >in the strangest of places if you look at it right" > >**NOTE: New CCNA/CCDA List has been formed. For more information go to >http://www.groupstudy.com/list/Associates.html >_ >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html >FAQ, list archives, and subscription info: http://www.groupstudy.com >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] BEGIN:VCARD VERSION:2.1 N:Corness;Trevor FN:Trevor Corness ORG:BMS Communications;DataCom TITLE:Network Systems Engineer TEL;PAGER;VOICE:604-631-7867 ADR;WORK:;;2880 Production Way;Burnaby;BC;V5A4T6;Canada LABEL;WORK;ENCODING=QUOTED-PRINTABLE:2880 Production Way=0D=0ABurnaby, BC V5A4T6=0D=0ACanada URL: URL:http://www.bmscom.com EMAIL;PREF;INTERNET:[EMAIL PROTECTED] REV:2921T155409Z END:VCARD
Re: Napster Question
Add port 6699 to the list! Don ""Hal White"" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Blocking these IP addresses will only block users from accessing the main > napster servers and will not block access to other napster servers, such as, > opennap, which can be found easily by using the napigator program. The best > way to block Napster is to block the ports that the client uses which are > ,,,. Don't quote me on these ports because I can't find my > documentation at the moment, but I think they are right. > > > Hal > > >From: "Fowler, Joey" <[EMAIL PROTECTED]> > >Reply-To: "Fowler, Joey" <[EMAIL PROTECTED]> > >To: [EMAIL PROTECTED] > >Subject: RE: Napster Question > >Date: Fri, 29 Sep 2000 13:15:19 -0400 > > > >If you search the archives it has some info on this, but I just implemented > >it this morning and it seems to working here. If you are using PIX firewall > >(or any other) create an access list using the outbound and apply commands > >to block the following addresses: > > > >208.184.216.0 /24 > >208.178.167.0 /24 > >208.178.163.61 > >208.184.175.130 > >208.184.175.131 > >208.184.175.132 > >208.184.175.134 > >208.49.239.242 > >208.49.239.247 > >208.49.239.248 > > > >People will start wandering by your desk asking if you've ever heard a > >program called Napster. I personally like to dumb. > > > >Joey > > > >-Original Message- > >From: Tom Pruneau [mailto:[EMAIL PROTECTED]] > >Sent: Friday, September 29, 2000 12:29 PM > >To: [EMAIL PROTECTED] > >Subject: Napster Question > > > > > >Greetings Group > > > >Does anyone know what ports Napster usies for handshaking? > >Inbound, outbound port number? > >What would it take to block Napster? > > > > > >Thanks > > > >Tom Pruneau > >Trainer Network Operations > >GENUITY > >3 Van de Graff Drive Burlington Ma. 01803 > >24 Hr. Network Operations Center 800-436-8489 > >If you need to get a hold of me my hours are 7AM-3PM ET Mon-Fri > > > >--- > >This email is composed of 82% post consumer recycled data bits > >--- > > > >"Once in a while you get shown the light > >in the strangest of places if you look at it right" > > > >**NOTE: New CCNA/CCDA List has been formed. For more information go to > >http://www.groupstudy.com/list/Associates.html > >_ > >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > >FAQ, list archives, and subscription info: http://www.groupstudy.com > >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. > > Share information about yourself, create your own public profile at > http://profiles.msn.com. > > **NOTE: New CCNA/CCDA List has been formed. For more information go to > http://www.groupstudy.com/list/Associates.html > _ > UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html > FAQ, list archives, and subscription info: http://www.groupstudy.com > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Napster Question
I found my documentation and of course my memory had failed me. The ports for napster are ,6699,,9009. I think blocking these will disable napster. >From: "Fowler, Joey" <[EMAIL PROTECTED]> >Reply-To: "Fowler, Joey" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: RE: Napster Question >Date: Fri, 29 Sep 2000 13:15:19 -0400 > >If you search the archives it has some info on this, but I just implemented >it this morning and it seems to working here. If you are using PIX firewall >(or any other) create an access list using the outbound and apply commands >to block the following addresses: > >208.184.216.0 /24 >208.178.167.0 /24 >208.178.163.61 >208.184.175.130 >208.184.175.131 >208.184.175.132 >208.184.175.134 >208.49.239.242 >208.49.239.247 >208.49.239.248 > >People will start wandering by your desk asking if you've ever heard a >program called Napster. I personally like to dumb. > >Joey > >-Original Message- >From: Tom Pruneau [mailto:[EMAIL PROTECTED]] >Sent: Friday, September 29, 2000 12:29 PM >To: [EMAIL PROTECTED] >Subject: Napster Question > > >Greetings Group > >Does anyone know what ports Napster usies for handshaking? >Inbound, outbound port number? >What would it take to block Napster? > > >Thanks > >Tom Pruneau >Trainer Network Operations >GENUITY >3 Van de Graff Drive Burlington Ma. 01803 >24 Hr. Network Operations Center 800-436-8489 >If you need to get a hold of me my hours are 7AM-3PM ET Mon-Fri > >--- >This email is composed of 82% post consumer recycled data bits >--- > >"Once in a while you get shown the light >in the strangest of places if you look at it right" > >**NOTE: New CCNA/CCDA List has been formed. For more information go to >http://www.groupstudy.com/list/Associates.html >_ >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html >FAQ, list archives, and subscription info: http://www.groupstudy.com >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Napster Question
Blocking these IP addresses will only block users from accessing the main napster servers and will not block access to other napster servers, such as, opennap, which can be found easily by using the napigator program. The best way to block Napster is to block the ports that the client uses which are ,,,. Don't quote me on these ports because I can't find my documentation at the moment, but I think they are right. Hal >From: "Fowler, Joey" <[EMAIL PROTECTED]> >Reply-To: "Fowler, Joey" <[EMAIL PROTECTED]> >To: [EMAIL PROTECTED] >Subject: RE: Napster Question >Date: Fri, 29 Sep 2000 13:15:19 -0400 > >If you search the archives it has some info on this, but I just implemented >it this morning and it seems to working here. If you are using PIX firewall >(or any other) create an access list using the outbound and apply commands >to block the following addresses: > >208.184.216.0 /24 >208.178.167.0 /24 >208.178.163.61 >208.184.175.130 >208.184.175.131 >208.184.175.132 >208.184.175.134 >208.49.239.242 >208.49.239.247 >208.49.239.248 > >People will start wandering by your desk asking if you've ever heard a >program called Napster. I personally like to dumb. > >Joey > >-Original Message- >From: Tom Pruneau [mailto:[EMAIL PROTECTED]] >Sent: Friday, September 29, 2000 12:29 PM >To: [EMAIL PROTECTED] >Subject: Napster Question > > >Greetings Group > >Does anyone know what ports Napster usies for handshaking? >Inbound, outbound port number? >What would it take to block Napster? > > >Thanks > >Tom Pruneau >Trainer Network Operations >GENUITY >3 Van de Graff Drive Burlington Ma. 01803 >24 Hr. Network Operations Center 800-436-8489 >If you need to get a hold of me my hours are 7AM-3PM ET Mon-Fri > >--- >This email is composed of 82% post consumer recycled data bits >--- > >"Once in a while you get shown the light >in the strangest of places if you look at it right" > >**NOTE: New CCNA/CCDA List has been formed. For more information go to >http://www.groupstudy.com/list/Associates.html >_ >UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html >FAQ, list archives, and subscription info: http://www.groupstudy.com >Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Napster Question
Title: RE: Napster Question If you search the archives it has some info on this, but I just implemented it this morning and it seems to working here. If you are using PIX firewall (or any other) create an access list using the outbound and apply commands to block the following addresses: 208.184.216.0 /24 208.178.167.0 /24 208.178.163.61 208.184.175.130 208.184.175.131 208.184.175.132 208.184.175.134 208.49.239.242 208.49.239.247 208.49.239.248 People will start wandering by your desk asking if you've ever heard a program called Napster. I personally like to dumb. Joey -Original Message- From: Tom Pruneau [mailto:[EMAIL PROTECTED]] Sent: Friday, September 29, 2000 12:29 PM To: [EMAIL PROTECTED] Subject: Napster Question Greetings Group Does anyone know what ports Napster usies for handshaking? Inbound, outbound port number? What would it take to block Napster? Thanks Tom Pruneau Trainer Network Operations GENUITY 3 Van de Graff Drive Burlington Ma. 01803 24 Hr. Network Operations Center 800-436-8489 If you need to get a hold of me my hours are 7AM-3PM ET Mon-Fri --- This email is composed of 82% post consumer recycled data bits --- "Once in a while you get shown the light in the strangest of places if you look at it right" **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]