| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <028e01c37bc2$080fa220$0238200a@cipher> From: lists at ciphin.com (Todd Mitchell - lists) Subject: Blocking Music Sharing. It's probably easiest to create policies & procedures regarding P2P transfer and then rather than block it and have the traffic bounce to another port simply rate limit the traffic on a border router to something were users won't use it because it is too slow. Todd -- | -----Original Message----- | From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure- | admin@...ts.netsys.com] On Behalf Of srenna@...music.com | Sent: Monday, September 15, 2003 2:56 PM | To: Dimitri Limanovski; Johnson, Mark | Cc: full-disclosure@...ts.netsys.com | Subject: Re: [Full-Disclosure] Blocking Music Sharing. | | That won't alwasy work. | I don't know enough about the inner workings of Limewire | and such but I know that AIM has a mechanism to go out over | any well known port such as 53 or 21...i'm sure the makers | of P2P have incorporated similiar features into their | designs. | | The only advice I can give is to monitor the traffic | utilizing Snort, create AUPs for employees, and take steps | against them if they violate it. | | Someone else out there may have a better idea, but if IM | can do it, i'm sure these programs can take any outbound | path they want... | | Scott Renna | Symantec Managed Security Services | | | | On Mon, 15 Sep 2003 13:42:03 -0400 | "Dimitri Limanovski" <dlimanov@....com> wrote: | > | > Just block ALL the traffic outbound and allow only | > necessary ports, | > like HTTP/S, FTP, SMTP, DNS etc. Requires more work on | > your end | > managing the firewall rules but a better practice and | > protection in | > the long run. | > | > | > Dimitri | > | > | > | > |---------+--------------------------------------> | > | | "Johnson, Mark" | | > | | <mjohnson@...r.com> | | > | | Sent by: | | > | | full-disclosure-admin@...ts| | > | | .netsys.com | | > | | | | > | | | | > | | 09/15/2003 12:37 PM | | > | | | | > |---------+--------------------------------------> | > | >----------------------------------------------------------------------- | ---------------------------------------| | > | | > | | > | | > | To: <full-disclosure@...ts.netsys.com> | > | | | > | cc: | > | | > | | > | Subject: [Full-Disclosure] Blocking Music | > Sharing. | > | | > | >----------------------------------------------------------------------- | ---------------------------------------| | > | > | > | > Due to the legal issues, I am trying to block access to | > sites like | > Kazaa and Limewire in the office. If I am not mistaken, | > these | > networks can use different ports each time, so there is | > no way to | > block it at the firewall. Is this right? And if so, | > what is the best | > way to block access to these types of sites? | > | > Many thanks, | > Mark J. | > | > | > | > | > _______________________________________________ | > Full-Disclosure - We believe in it. | > Charter: | > http://lists.netsys.com/full-disclosure-charter.html | | _______________________________________________ | Full-Disclosure - We believe in it. | Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists