Soporte [[EMAIL PROTECTED]] wrote: > I am trying to block KaZaa using access lists, I read many > tips like blocking port 1214, block the Morpheus network, but > with the latest version of KaZaa it seems that not work, why? > Let me explain... > I have Kazaa Media Desktop 2.0 (Built: Friday, September 20, > 2002 16:14:03), a Network Protocol Analyzer (Ethereal Version > 0.9.7) and a Cisco Catalyst 6509 (IOS MSFC2 Software C6MSFC2- > IS-M Version 12.1 E4) > (...)
Don't know if it's applicable in your network, but isn't it easier and way more secure to block everything, and then allow "legitimate" traffic (like http, ftp, etc) ? I've had an experience similar to this in the past, and the moment I bloced Morpheus, people moved to edonkey. When I blocked edonkey, people moved to iMesh. It would go like forever, because people are always making new p2p networks. So, just block everything and allow the valid traffic, and you'll have blocked every existing p2p software and future ones also (well, one might use an http gateway, but then a proxy would help you). It's always good security practice whitelisting instead of blacklisting. Just isn't applicable in every network setup (ISPs, for example). -- Bruno Lustosa, aka Lofofora | Email: [EMAIL PROTECTED] Network Administrator/Web Programmer | ICQ UIN: 1406477 Rio de Janeiro - Brazil |
msg09168/pgp00000.pgp
Description: PGP signature