Re: [LARTC] Kazaa
Hi, > I want to block (or limit) the Kazaa from our network. How can I do that? > What tools should I use? There is a tool called ipp2p to identify P2P traffic. It introduces a new match module to iptables and allows you to catch the following P2P Networks at the moment: -Fast Track (KaZaA and clones) -Gnutella -Edonkey (Edonkey, Emule, Overnet ...) -Direct Connect You can download it from: http://ilabws13.informatik.uni-leipzig.de/~mai97bwf/ipp2p.tar.gz To drop Kazaa data packets you just have to use the following iptables-command: iptables -A FORWARD -tcp -m ipp2p --kazaa -j DROP This tool works pretty well as we tested it in a university environment. Have a look and feel free to come back with any comments or suggestions to me or the author. Regards, Mike -- COMPUTERBILD 15/03: Premium-e-mail-Dienste im Test -- 1. GMX TopMail - Platz 1 und Testsieger! 2. GMX ProMail - Platz 2 und Preis-Qualitätssieger! 3. Arcor - 4. web.de - 5. T-Online - 6. freenet.de - 7. daybyday - 8. e-Post ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Kazaa
> All, > > I want to block (or limit) the Kazaa from our network. How can I do that? > What tools should I use? > > PS. If the topic was already discussed, please tell me where I can get it. > Don't brush me off. > > Thx & Rgds, > > Awie > > > > > ___ > LARTC mailing list / [EMAIL PROTECTED] > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > -- COMPUTERBILD 15/03: Premium-e-mail-Dienste im Test -- 1. GMX TopMail - Platz 1 und Testsieger! 2. GMX ProMail - Platz 2 und Preis-Qualitätssieger! 3. Arcor - 4. web.de - 5. T-Online - 6. freenet.de - 7. daybyday - 8. e-Post ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Kazaa
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tuesday 02 September 2003 09:53, Awie wrote: take a look at this http://www.lowth.com/p2pwall/ - -- Regards, Robert - -- Robert Penz robert dot penz at outertech dot com -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux) iD8DBQE/VE/C8tTsQqJDUBMRAoCUAJ4joIFL9H6TEvibAUzrsrAhc0ymewCgnlg7 /CYAyZBV1ZEmG/CfmNiipXk= =d+oH -END PGP SIGNATURE- ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Kazaa
Thanks Rio, I will try. Thx & Rgds, Awie - Original Message - From: "Rio Martin" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, September 02, 2003 8:43 AM Subject: Re: [LARTC] Kazaa > On Monday 01 September 2003 17:01, Tom Verbeek wrote: > > Hi Awie, > > I you simply want to block Kazaa, you need to set up a Firewall that > > is restrictive of outgoing requests (Kazaa does not need to have > > incoming ports forwarded or open). > > Block this Port 1214/TCP (incoming and outgoing). > > Cheers, > > Tom. > > Kazaa use random ports if you blocked tcp port 1214. > Have you checked this P2P software ? There is SOCKS support, so if you blocked > tcp port 1214, your users still able to comunicate with Kazaa gateway through > SOCKS proxy. > > Perhaps you should take this as solution to your problem, blocked all tcp port > from 1 - 65535, list any ports to be allowed by your firewall. > > Regards, > Rio Martin. > -- > > > > > ___ > LARTC mailing list / [EMAIL PROTECTED] > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Kazaa
On Monday 01 September 2003 17:01, Tom Verbeek wrote: > Hi Awie, > I you simply want to block Kazaa, you need to set up a Firewall that > is restrictive of outgoing requests (Kazaa does not need to have > incoming ports forwarded or open). > Block this Port 1214/TCP (incoming and outgoing). > Cheers, > Tom. Kazaa use random ports if you blocked tcp port 1214. Have you checked this P2P software ? There is SOCKS support, so if you blocked tcp port 1214, your users still able to comunicate with Kazaa gateway through SOCKS proxy. Perhaps you should take this as solution to your problem, blocked all tcp port from 1 - 65535, list any ports to be allowed by your firewall. Regards, Rio Martin. -- ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Kazaa
Awie wrote: > > All, > > I want to block (or limit) the Kazaa from our network. How can I do that? > What tools should I use? > > PS. If the topic was already discussed, please tell me where I can get it. > Don't brush me off. > > Thx & Rgds, > > Awie google "lartc blocking kazaa" or just "lartc kazaa". http://www.lowth.com/p2pwall/ftwall/ gypsy ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Kazaa
Hi Awie, I you simply want to block Kazaa, you need to set up a Firewall that is restrictive of outgoing requests (Kazaa does not need to have incoming ports forwarded or open). Block this Port 1214/TCP (incoming and outgoing). Cheers, Tom. A> All, A> I want to block (or limit) the Kazaa from our network. How can I do that? A> What tools should I use? A> PS. If the topic was already discussed, please tell me where I can get it. A> Don't brush me off. A> Thx & Rgds, A> Awie A> ___ A> LARTC mailing list / [EMAIL PROTECTED] A> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ -- Word Perfect isn't, Excel doesn't, Works won't. ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Re: [LARTC] Kazaa 2 and Shaping
On Tue, 10 Dec 2002, Snuffy2 wrote: > I'm sucessfully running a shaper on the trafic over my > DSL. It works great except .. I can't seem to get > it to limit Kazaa usage. I'm not trying to turn of > the Kazaa ports, but just put them at a very low > priority. I know everyone says that Kazaa uses port > 1214 which is true, but Kazaa 2 seems to use a whole > slew of other ones (could be random, not sure). Is > there a list of all the ports Kazaa 2 uses or a > different, better way to limit Kazaa and place it low > priority? Is there anyway to scan the IP header and > determine that it's going/coming from Kazaa and limit > it that way? Any help is appreciated as the users > using Kazaa are flooding the connection . again. You may try shaping everything that has source OR destination port 1214, in both directions. This improves chances on reducing traffic since the port 1214 is often used on any other side of connection. I also saw some patch for iptables to stop kazaa (and other, based on matching regexp's on data transferred) but i can't find it now. -- ## # | p0wer| # # __ |GG#1877248 | # # (oo) | [EMAIL PROTECTED] | # # / \/ \ Go away or I will replace you # # `V__V' with a very small shell script. # ## ___ LARTC mailing list / [EMAIL PROTECTED] http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/