Re: [FW-1] Kazaa
Title: Message Whoa, you are the best. Thank you Andy, these are very handy. -Original Message-From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Andy DrudaSent: Thursday, March 06, 2003 8:59 PMTo: [EMAIL PROTECTED]Subject: Re: [FW-1] KazaaAs requested:We found one "service" called http-tunnel.com. When we ran the test facility on their site we got the following list of servers:63.218.224.19638.144.57.130206.161.123.164205.252.49.463.217.29.19663.218.224.13763.219.179.19638.144.57.3438.144.57.6638.144.57.9863.218.224.19538.144.57.129206.161.123.163205.252.49.363.217.29.19563.218.224.13663.219.179.19538.144.57.3338.144.57.6538.144.57.97We blocked all of them. I anyone else finds any more of these "services" please list at least the name of the service.AndyChontzopoulos Dimitris wrote: These are my thoughts. You also mentioned something like "I have 20 of http-tunnels servers blocked". Could you please post their names or IP Addresses or both to this list or at least could you tell the list where to find them? Cheers, Dimitris. -Original Message-From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED]] On Behalf Of Andy DrudaSent: Wednesday, March 05, 2003 2:19 PMTo: [EMAIL PROTECTED]Subject: Re: [FW-1] KazaaThere is at least one "service" out there that provides a tunnel via http.http-tunnel.com is one. I would find all of these servers and block them. I have 20 of http-tunnels servers blocked.Clearly the only reason for these things to exist is to circumvent firewalls.AndyLuis Goncalves wrote: I´m using FW-1. Sure, at this moment I only allow htttp/https, ftp, dns, smtp and ssh. However, two or three guys are downloading from KazaaIs any protocol/port to block ? Luis Gonçalves - Original Message - From: "Rob Rutherford" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, March 05, 2003 10:59 AM Subject: Re: [FW-1] Kazaa Which firewall? You should really be blocking everything, except specific ports that you decide to allow, i.e. HTTP, DNS, etc. Robert Rutherford |-+--> | | Luis Goncalves | | | <[EMAIL PROTECTED]> | | | Sent by: Mailing list for | | | discussion of Firewall-1 | | | <[EMAIL PROTECTED]| | | kpoint.com>| | | | | | | | | 05/03/2003 10:24 | | | Please respond to Mailing list for | | | discussion of Firewall-1 | | | | |-+--> --- ---| | | | To: [EMAIL PROTECTED] | | cc: | | Subject: [FW-1] Kazaa | --- ---| Hello friends, I just have a big problem in my network...Some people are accessing Kazaa., and I don´t know how to stop that in my FW. Anybody knows how to block Kazza Thanks Luis Gonçalves This E-mail and any files transmitted with it are in commercial confidence and intended solely for the use of the individual or entity to whom they are addressed. If you have received this E-mail in error please notify the Administrator by E-mail ([EMAIL PROTECTED]). Any views or opinions expressed are solely those of the author and do not necessarily represent those of DEK International., or its affiliates. This footnote signifies that this message has been checked for viruses by MailswpUK1 = To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail = To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html = If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] = =
Re: [FW-1] Kazaa
As requested:
We found one "service" called http-tunnel.com. When we ran the test facility
on their site we got the following list of servers:
63.218.224.196
38.144.57.130
206.161.123.164
205.252.49.4
63.217.29.196
63.218.224.137
63.219.179.196
38.144.57.34
38.144.57.66
38.144.57.98
63.218.224.195
38.144.57.129
206.161.123.163
205.252.49.3
63.217.29.195
63.218.224.136
63.219.179.195
38.144.57.33
38.144.57.65
38.144.57.97
We blocked all of them. I anyone else finds any more of these "services"
please list at least the name of the service.
Andy
Chontzopoulos Dimitris wrote:
Message
These are my thoughts. You also mentioned something
like "I have 20 of http-tunnels servers blocked". Could you please post
their names or IP Addresses or both to this list or at least could you tell
the list where to find them?
Cheers,
Dimitris.
-Original Message-
From: Mailing list fordiscussion of Firewall-1 [mailto:[EMAIL PROTECTED]]
On Behalf Of Andy Druda
Sent: Wednesday, March 05, 2003 2:19PM
To:[EMAIL PROTECTED]
Subject: Re: [FW-1]Kazaa
There is at least one "service" out there thatprovides a tunnel via http.
http-tunnel.com is one. I would find allof these servers and block them.
I have 20 of http-tunnels serversblocked.
Clearly the only reason for these things to exist is to circumventfirewalls.
Andy
Luis Goncalves wrote:
I´m using FW-1. Sure, at this moment I only allow htttp/https, ftp, dns,
smtp and ssh. However, two or three guys are downloading from KazaaIs
any protocol/port to block ?
Luis Gonçalves
- Original Message -
From: "Rob Rutherford" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, March 05, 2003 10:59 AM
Subject: Re: [FW-1] Kazaa
Which firewall? You should really be blocking everything, except specific
ports that you decide to allow, i.e. HTTP, DNS, etc.
Robert Rutherford
|-+-->
| | Luis Goncalves |
| | <[EMAIL PROTECTED]> |
| | Sent by: Mailing list for |
| | discussion of Firewall-1 |
| | <[EMAIL PROTECTED]|
| | kpoint.com>|
| | |
| | |
| | 05/03/2003 10:24 |
| | Please respond to Mailing list for |
| | discussion of Firewall-1 |
| | |
|-+-->
---
---|
|
|
| To: [EMAIL PROTECTED]
|
| cc:
|
| Subject: [FW-1] Kazaa
|
---
---|
Hello friends,
I just have a big problem in my network...Some people are accessing Kazaa.,
and I don´t know how to stop that in my FW.
Anybody knows how to block Kazza
Thanks
Luis Gonçalves
This E-mail and any files transmitted with it are in
commercial confidence and intended solely for the use of
the individual or entity to whom they are addressed.
If you have received this E-mail in error please notify the
Administrator by E-mail ([EMAIL PROTECTED]).
Any views or opinions expressed are solely those of the
author and do not necessarily represent those of
DEK International., or its affiliates.
This footnote signifies that this message has been
checked for viruses by MailswpUK1
=
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=
=
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
===
Re: [FW-1] Kazaa
Hi, I see a lot of posts on this topic so sorry if I'm going over old ground. I have been looking into blocking all peer to peer file sharing. There is a document the Checkpoint site in Secure Knowledge that details what can be done - Solution ID: sk15150 Title - Peer-to-Peer (P2P) Security and QoS Frequently Asked Question I think this might be of use to you. Regards, Mark Pays MIS Technical -Original Message- From: Luis Goncalves [mailto:[EMAIL PROTECTED] Sent: 05 March 2003 13:08 To: [EMAIL PROTECTED] Subject: Re: [FW-1] Kazaa *** THIS MESSAGE ORIGINATED OUTSIDE MIS *** thanks. Luis Goncalves - Original Message - From: Andy Druda To: [EMAIL PROTECTED] Sent: Wednesday, March 05, 2003 12:19 PM Subject: Re: [FW-1] Kazaa There is at least one "service" out there that provides a tunnel via http. http-tunnel.com is one. I would find all of these servers and block them. I have 20 of http-tunnels servers blocked. Clearly the only reason for these things to exist is to circumvent firewalls. Andy Luis Goncalves wrote: I´m using FW-1. Sure, at this moment I only allow htttp/https, ftp, dns,smtp and ssh. However, two or three guys are downloading from KazaaIsany protocol/port to block ? Luis Gonçalves - Original Message -From: "Rob Rutherford" <[EMAIL PROTECTED]>To: <[EMAIL PROTECTED]>Sent: Wednesday, March 05, 2003 10:59 AMSubject: Re: [FW-1] Kazaa Which firewall? You should really be blocking everything, except specificports that you decide to allow, i.e. HTTP, DNS, etc. Robert Rutherford|-+-->| | Luis Goncalves || | <[EMAIL PROTECTED]> || | Sent by: Mailing list for || | discussion of Firewall-1 || | <[EMAIL PROTECTED]|| | kpoint.com> || | || | || | 05/03/2003 10:24 || | Please respond to Mailing list for || | discussion of Firewall-1 || | ||-+--> --- ---| || | To: [EMAIL PROTECTED]| | cc:| | Subject: [FW-1] Kazaa| --- ---|Hello friends, I just have a big problem in my network...Some people are accessing Kazaa.,and I don´t know how to stop that in my FW. Anybody knows how to block Kazza Thanks Luis Gonçalves This E-mail and any files transmitted with it are incommercial confidence and intended solely for the use ofthe individual or entity to whom they are addressed.If you have received this E-mail in error please notify theAdministrator by E-mail ([EMAIL PROTECTED]).Any views or opinions expressed are solely those of theauthor and do not necessarily represent those ofDEK International., or its affiliates.This footnote signifies that this message has beenchecked for viruses by MailswpUK1 =To set vacation, Out Of Office, or away messages,send an email to [EMAIL PROTECTED]in the BODY of the email add:set fw-1-mailinglist nomail=To unsubscribe from this mailing list,please see the instructions athttp://www.checkpoint.com/services/mailing.html=If you have any questions on how to change yoursubscription options, email[EMAIL PROTECTED]= =To set vacation, Out Of Office, or away messages,send an email to [EMAIL PROTECTED]in the BODY of the email add:set fw-1-mailinglist nomail=To unsubscribe from this mailing list,please see the instructions athttp://www.checkpoint.com/services/mailing.html=If you have any questions on how to change yoursubscription options, email[EMAIL PROTECTED]= --Andy DrudaDirector of Campus TechnologyWagner CollegeStaten Island, New York 10301718 390-3204 The information contained in this message or any of its attachments may be privileged and
Re: [FW-1] Kazaa
Title: Message Can anyone provide a listing of these type servers? Thanks, Curt -Original Message-From: Luis Goncalves [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 05, 2003 8:08 AMTo: [EMAIL PROTECTED]Subject: Re: [FW-1] Kazaa thanks. Luis Goncalves - Original Message - From: Andy Druda To: [EMAIL PROTECTED] Sent: Wednesday, March 05, 2003 12:19 PM Subject: Re: [FW-1] Kazaa There is at least one "service" out there that provides a tunnel via http.http-tunnel.com is one. I would find all of these servers and block them. I have 20 of http-tunnels servers blocked.Clearly the only reason for these things to exist is to circumvent firewalls.AndyLuis Goncalves wrote: I´m using FW-1. Sure, at this moment I only allow htttp/https, ftp, dns, smtp and ssh. However, two or three guys are downloading from KazaaIs any protocol/port to block ? Luis Gonçalves - Original Message - From: "Rob Rutherford" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, March 05, 2003 10:59 AM Subject: Re: [FW-1] Kazaa Which firewall? You should really be blocking everything, except specific ports that you decide to allow, i.e. HTTP, DNS, etc. Robert Rutherford |-+--> | | Luis Goncalves | | | <[EMAIL PROTECTED]> | | | Sent by: Mailing list for | | | discussion of Firewall-1 | | | <[EMAIL PROTECTED]| | | kpoint.com>| | | | | | | | | 05/03/2003 10:24 | | | Please respond to Mailing list for | | | discussion of Firewall-1 | | | | |-+--> --- ---| | | | To: [EMAIL PROTECTED] | | cc: | | Subject: [FW-1] Kazaa | --- ---| Hello friends, I just have a big problem in my network...Some people are accessing Kazaa., and I don´t know how to stop that in my FW. Anybody knows how to block Kazza Thanks Luis Gonçalves This E-mail and any files transmitted with it are in commercial confidence and intended solely for the use of the individual or entity to whom they are addressed. If you have received this E-mail in error please notify the Administrator by E-mail ([EMAIL PROTECTED]). Any views or opinions expressed are solely those of the author and do not necessarily represent those of DEK International., or its affiliates. This footnote signifies that this message has been checked for viruses by MailswpUK1 = To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail = To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html = If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] = = To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail = To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html = If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] = -- Andy Druda Director of Campus Technology Wagner College Staten Island, New York 10301 718 390-3204 �
Re: [FW-1] Kazaa
thanks. Luis Goncalves - Original Message - From: Andy Druda To: [EMAIL PROTECTED] Sent: Wednesday, March 05, 2003 12:19 PM Subject: Re: [FW-1] Kazaa There is at least one "service" out there that provides a tunnel via http.http-tunnel.com is one. I would find all of these servers and block them. I have 20 of http-tunnels servers blocked.Clearly the only reason for these things to exist is to circumvent firewalls.AndyLuis Goncalves wrote: I´m using FW-1. Sure, at this moment I only allow htttp/https, ftp, dns, smtp and ssh. However, two or three guys are downloading from KazaaIs any protocol/port to block ? Luis Gonçalves - Original Message - From: "Rob Rutherford" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, March 05, 2003 10:59 AM Subject: Re: [FW-1] Kazaa Which firewall? You should really be blocking everything, except specific ports that you decide to allow, i.e. HTTP, DNS, etc. Robert Rutherford |-+--> | | Luis Goncalves | | | <[EMAIL PROTECTED]> | | | Sent by: Mailing list for | | | discussion of Firewall-1 | | | <[EMAIL PROTECTED]| | | kpoint.com>| | | | | | | | | 05/03/2003 10:24 | | | Please respond to Mailing list for | | | discussion of Firewall-1 | | | | |-+--> --- ---| | | | To: [EMAIL PROTECTED] | | cc: | | Subject: [FW-1] Kazaa | --- ---| Hello friends, I just have a big problem in my network...Some people are accessing Kazaa., and I don´t know how to stop that in my FW. Anybody knows how to block Kazza Thanks Luis Gonçalves This E-mail and any files transmitted with it are in commercial confidence and intended solely for the use of the individual or entity to whom they are addressed. If you have received this E-mail in error please notify the Administrator by E-mail ([EMAIL PROTECTED]). Any views or opinions expressed are solely those of the author and do not necessarily represent those of DEK International., or its affiliates. This footnote signifies that this message has been checked for viruses by MailswpUK1 = To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail = To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html = If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] = = To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail = To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html = If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] = -- Andy Druda Director of Campus Technology Wagner College Staten Island, New York 10301 718 390-3204
Re: [FW-1] Kazaa
Title: Message Apart from the http-tunnel.com "like" servers, I believe that Kazaa is able to perform http tunneling by itself, that is, it can connect to its "root" or "login" servers by using http. I also believe that Kazaa is actually capable of connecting to its "root" or "login" (you got the meaning) servers by utilizing any port allowed to "go out" of the Organization, that is http, https, dns, ssh or anything else you are permitting to go out. So, if you haven't done already so, you should: 1. Block all the http-tunnel.com "alike" servers 2. Block all the IP Addresses Kazaa is using to authenticate its clients 3. Permit access to specific outgoing services only to specific internal IP addresses (e.g. 192.168.0.1(Mail Server) - ANY - SMTP - ACCEPT - LONG and not ANY - ANY - SMTP - ACCEPT) 4. Create HTTP with Resource objects in order to specify the allowed WEB browsing 5. Create HTTP with Resource objects in order to deny specific downloads Another thing you should do is setup a Proxy server and only Hide NAT the Proxy Server to the Internet. This way, you could make your life easier, regarding your Rulebase, in terms of defining the HTTP Resources. These are my thoughts. You also mentioned something like "I have 20 of http-tunnels servers blocked". Could you please post their names or IP Addresses or both to this list or at least could you tell the list where to find them? Cheers, Dimitris. -Original Message-From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Andy DrudaSent: Wednesday, March 05, 2003 2:19 PMTo: [EMAIL PROTECTED]Subject: Re: [FW-1] KazaaThere is at least one "service" out there that provides a tunnel via http.http-tunnel.com is one. I would find all of these servers and block them. I have 20 of http-tunnels servers blocked.Clearly the only reason for these things to exist is to circumvent firewalls.AndyLuis Goncalves wrote: I´m using FW-1. Sure, at this moment I only allow htttp/https, ftp, dns, smtp and ssh. However, two or three guys are downloading from KazaaIs any protocol/port to block ? Luis Gonçalves - Original Message - From: "Rob Rutherford" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, March 05, 2003 10:59 AM Subject: Re: [FW-1] Kazaa Which firewall? You should really be blocking everything, except specific ports that you decide to allow, i.e. HTTP, DNS, etc. Robert Rutherford |-+--> | | Luis Goncalves | | | <[EMAIL PROTECTED]> | | | Sent by: Mailing list for | | | discussion of Firewall-1 | | | <[EMAIL PROTECTED]| | | kpoint.com>| | | | | | | | | 05/03/2003 10:24 | | | Please respond to Mailing list for | | | discussion of Firewall-1 | | | | |-+--> ----------- ---| | | | To: [EMAIL PROTECTED] | | cc: | | Subject: [FW-1] Kazaa | --- ---| Hello friends, I just have a big problem in my network...Some people are accessing Kazaa., and I don´t know how to stop that in my FW. Anybody knows how to block Kazza Thanks Luis Gonçalves This E-mail and any files transmitted with it are in commercial confidence and intended solely for the use of the individual or entity to whom they are addressed. If you have received this E-mail in error please notify the Administrator by E-mail ([EMAIL PROTECTED]). Any views or opinions expressed are solely those of the author and do not necessarily represent those of DEK International., or its affiliates. This footnote signifies that this message has been checked for viruses by MailswpUK1 = To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail = To unsubscribe from this mailing list, please see the instructions at http://www
Re: [FW-1] Kazaa
Check this document http://support.checkpoint.com/kb/docs/public/firewall1/ng/pdf/windowsmediapl ayer.pdf -Original Message- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] Behalf Of Chontzopoulos Dimitris Sent: Wednesday, March 05, 2003 2:06 PM To: [EMAIL PROTECTED] Subject: Re: [FW-1] Kazaa Is Kazaa using HTTP tunneling? If so, you should consider blocking access to the specific Kazaa login IP Addresses. Just a thought. Cheers, Dimitris. -Original Message- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Luis Goncalves Sent: Wednesday, March 05, 2003 1:50 PM To: [EMAIL PROTECTED] Subject: Re: [FW-1] Kazaa I´m using FW-1. Sure, at this moment I only allow htttp/https, ftp, dns, smtp and ssh. However, two or three guys are downloading from KazaaIs any protocol/port to block ? Luis Gonçalves - Original Message - From: "Rob Rutherford" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, March 05, 2003 10:59 AM Subject: Re: [FW-1] Kazaa Which firewall? You should really be blocking everything, except specific ports that you decide to allow, i.e. HTTP, DNS, etc. Robert Rutherford |-+--> | | Luis Goncalves | | | <[EMAIL PROTECTED]> | | | Sent by: Mailing list for | | | discussion of Firewall-1 | | | <[EMAIL PROTECTED]| | | kpoint.com>| | | | | | | | | 05/03/2003 10:24 | | | Please respond to Mailing list for | | | discussion of Firewall-1 | | | | |-+--> >--- ---| | | | To: [EMAIL PROTECTED] | | cc: | | Subject: [FW-1] Kazaa | >--- ---| Hello friends, I just have a big problem in my network...Some people are accessing Kazaa., and I don´t know how to stop that in my FW. Anybody knows how to block Kazza Thanks Luis Gonçalves This E-mail and any files transmitted with it are in commercial confidence and intended solely for the use of the individual or entity to whom they are addressed. If you have received this E-mail in error please notify the Administrator by E-mail ([EMAIL PROTECTED]). Any views or opinions expressed are solely those of the author and do not necessarily represent those of DEK International., or its affiliates. This footnote signifies that this message has been checked for viruses by MailswpUK1 = To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail = To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html = If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] = = To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail = To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html = If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] = = To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail = To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html = If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] = ===
Re: [FW-1] Kazaa
There is at least one "service" out there that provides a tunnel via http. http-tunnel.com is one. I would find all of these servers and block them. I have 20 of http-tunnels servers blocked. Clearly the only reason for these things to exist is to circumvent firewalls. Andy Luis Goncalves wrote: I´m using FW-1. Sure, at this moment I only allow htttp/https, ftp, dns, smtp and ssh. However, two or three guys are downloading from KazaaIs any protocol/port to block ? Luis Gonçalves - Original Message - From: "Rob Rutherford" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, March 05, 2003 10:59 AM Subject: Re: [FW-1] Kazaa Which firewall? You should really be blocking everything, except specific ports that you decide to allow, i.e. HTTP, DNS, etc. Robert Rutherford |-+--> | | Luis Goncalves | | | <[EMAIL PROTECTED]> | | | Sent by: Mailing list for | | | discussion of Firewall-1 | | | <[EMAIL PROTECTED]| | | kpoint.com>| | | | | | | | | 05/03/2003 10:24 | | | Please respond to Mailing list for | | | discussion of Firewall-1 | | | | |-+--> --- ---| | | | To: [EMAIL PROTECTED] | | cc: | | Subject: [FW-1] Kazaa | --- ---| Hello friends, I just have a big problem in my network...Some people are accessing Kazaa., and I don´t know how to stop that in my FW. Anybody knows how to block Kazza Thanks Luis Gonçalves This E-mail and any files transmitted with it are in commercial confidence and intended solely for the use of the individual or entity to whom they are addressed. If you have received this E-mail in error please notify the Administrator by E-mail ([EMAIL PROTECTED]). Any views or opinions expressed are solely those of the author and do not necessarily represent those of DEK International., or its affiliates. This footnote signifies that this message has been checked for viruses by MailswpUK1 = To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail = To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html = If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] = = To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail = To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html = If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] = -- Andy Druda Director of Campus Technology Wagner College Staten Island, New York 10301 718 390-3204
Re: [FW-1] Kazaa
Is Kazaa using HTTP tunneling? If so, you should consider blocking access to the specific Kazaa login IP Addresses. Just a thought. Cheers, Dimitris. -Original Message- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Luis Goncalves Sent: Wednesday, March 05, 2003 1:50 PM To: [EMAIL PROTECTED] Subject: Re: [FW-1] Kazaa I´m using FW-1. Sure, at this moment I only allow htttp/https, ftp, dns, smtp and ssh. However, two or three guys are downloading from KazaaIs any protocol/port to block ? Luis Gonçalves - Original Message - From: "Rob Rutherford" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, March 05, 2003 10:59 AM Subject: Re: [FW-1] Kazaa Which firewall? You should really be blocking everything, except specific ports that you decide to allow, i.e. HTTP, DNS, etc. Robert Rutherford |-+--> | | Luis Goncalves | | | <[EMAIL PROTECTED]> | | | Sent by: Mailing list for | | | discussion of Firewall-1 | | | <[EMAIL PROTECTED]| | | kpoint.com>| | | | | | | | | 05/03/2003 10:24 | | | Please respond to Mailing list for | | | discussion of Firewall-1 | | | | |-+--> >--- ---| | | | To: [EMAIL PROTECTED] | | cc: | | Subject: [FW-1] Kazaa | >--- ---| Hello friends, I just have a big problem in my network...Some people are accessing Kazaa., and I don´t know how to stop that in my FW. Anybody knows how to block Kazza Thanks Luis Gonçalves This E-mail and any files transmitted with it are in commercial confidence and intended solely for the use of the individual or entity to whom they are addressed. If you have received this E-mail in error please notify the Administrator by E-mail ([EMAIL PROTECTED]). Any views or opinions expressed are solely those of the author and do not necessarily represent those of DEK International., or its affiliates. This footnote signifies that this message has been checked for viruses by MailswpUK1 = To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail = To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html = If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] = = To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail = To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html = If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] = = To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail = To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html = If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =
Re: [FW-1] Kazaa
I´m using FW-1. Sure, at this moment I only allow htttp/https, ftp, dns, smtp and ssh. However, two or three guys are downloading from KazaaIs any protocol/port to block ? Luis Gonçalves - Original Message - From: "Rob Rutherford" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, March 05, 2003 10:59 AM Subject: Re: [FW-1] Kazaa Which firewall? You should really be blocking everything, except specific ports that you decide to allow, i.e. HTTP, DNS, etc. Robert Rutherford |-+--> | | Luis Goncalves | | | <[EMAIL PROTECTED]> | | | Sent by: Mailing list for | | | discussion of Firewall-1 | | | <[EMAIL PROTECTED]| | | kpoint.com>| | | | | | | | | 05/03/2003 10:24 | | | Please respond to Mailing list for | | | discussion of Firewall-1 | | | | |-+--> >--- ---| | | | To: [EMAIL PROTECTED] | | cc: | | Subject: [FW-1] Kazaa | >--- ---| Hello friends, I just have a big problem in my network...Some people are accessing Kazaa., and I don´t know how to stop that in my FW. Anybody knows how to block Kazza Thanks Luis Gonçalves This E-mail and any files transmitted with it are in commercial confidence and intended solely for the use of the individual or entity to whom they are addressed. If you have received this E-mail in error please notify the Administrator by E-mail ([EMAIL PROTECTED]). Any views or opinions expressed are solely those of the author and do not necessarily represent those of DEK International., or its affiliates. This footnote signifies that this message has been checked for viruses by MailswpUK1 = To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail = To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html = If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] = = To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail = To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html = If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =
Re: [FW-1] Kazaa
Which firewall? You should really be blocking everything, except specific ports that you decide to allow, i.e. HTTP, DNS, etc. Robert Rutherford |-+--> | | Luis Goncalves | | | <[EMAIL PROTECTED]> | | | Sent by: Mailing list for | | | discussion of Firewall-1 | | | <[EMAIL PROTECTED]| | | kpoint.com>| | | | | | | | | 05/03/2003 10:24 | | | Please respond to Mailing list for | | | discussion of Firewall-1 | | | | |-+--> >--| | | | To: [EMAIL PROTECTED] | | cc: | | Subject: [FW-1] Kazaa | >--| Hello friends, I just have a big problem in my network...Some people are accessing Kazaa., and I don´t know how to stop that in my FW. Anybody knows how to block Kazza Thanks Luis Gonçalves This E-mail and any files transmitted with it are in commercial confidence and intended solely for the use of the individual or entity to whom they are addressed. If you have received this E-mail in error please notify the Administrator by E-mail ([EMAIL PROTECTED]). Any views or opinions expressed are solely those of the author and do not necessarily represent those of DEK International., or its affiliates. This footnote signifies that this message has been checked for viruses by MailswpUK1 = To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail = To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html = If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =
Re: [FW-1] Kazaa
Hi Luis Start by going to your managers and ask them to make it clear to people that this is not acceptable, then allow only the protocols out of your site that people really need, i.e. port 80, 22 (ssh) 21 (ftp) and 25 (smtp) this is also a wise move when we have all the late worms in mind... Morten -Original Message-From: Luis Goncalves [mailto:[EMAIL PROTECTED]Sent: 5. marts 2003 11:24To: [EMAIL PROTECTED]Subject: [FW-1] Kazaa Hello friends, I just have a big problem in my network...Some people are accessing Kazaa., and I don´t know how to stop that in my FW. Anybody knows how to block Kazza Thanks Luis Gonçalves
[FW-1] Kazaa
Hello friends, I just have a big problem in my network...Some people are accessing Kazaa., and I don´t know how to stop that in my FW. Anybody knows how to block Kazza Thanks Luis Gonçalves
Re: [FW-1] Kazaa
As you are posting to a FW-1 mailing I guess you also have FW-1!? Use FP3 Smartdefense to block kazaa over HTTP. Works just fine. Regards, Egonle Christopher Collins <[EMAIL PROTECTED]> wrote: >If a client uses a HTTP port program like KazaaHTTP, there are very few >options that you have as it will tunnel the kazaa traffic over HTTP from the >client's desktop. If you have a novice userbase, simply blocking the port of >1214 should suffice. > >access-list 101 deny tcp any any eq 1214 > > > > >-Original Message- >From: Michael Stimson [mailto:[EMAIL PROTECTED]] >Sent: November 22, 2002 6:46 PM >To: Collins, Chris; [EMAIL PROTECTED] >Subject: RE: Kazaa > >Do you know how to block kazaa??? I am trying to block it from the Cisco >router.. >Thanks > > >Michael Stimson, JR >Texas Air Net > __ The NEW Netscape 7.0 browser is now available. Upgrade now! http://channels.netscape.com/ns/browsers/download.jsp Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/ = To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail = To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html = If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =
Re: [FW-1] Kazaa
If a client uses a HTTP port program like KazaaHTTP, there are very few options that you have as it will tunnel the kazaa traffic over HTTP from the client’s desktop. If you have a novice userbase, simply blocking the port of 1214 should suffice. access-list 101 deny tcp any any eq 1214 -Original Message- From: Michael Stimson [mailto:[EMAIL PROTECTED]] Sent: November 22, 2002 6:46 PM To: Collins, Chris; [EMAIL PROTECTED] Subject: RE: Kazaa Do you know how to block kazaa??? I am trying to block it from the Cisco router.. Thanks Michael Stimson, JR Texas Air Net
