
RE: [Full-Disclosure] Blocking Music Sharing.




The problem with sites that are not really able to enforce can be
somewhat mitigated by a weekly posting of offenders in a public place
within the company halls.

Thanks,

Ron DuFresne

On Mon, 15 Sep 2003, Bergeron, Jared wrote:

> I think the key here is a strong enforceable communicated policy and then 
> identifying the traffic and addressing the user. I would go with an IDS 
> (Snort is a good choice to IDENTIFY as you can easily write the sigs). Now 
> granted Snort could pick it up on different ports depending on what it was 
> looking for, however you need to think about tunneled connections via ssh and 
> ssl. A good client inventory app seems to be the best way to catch these... 
> Ahhh big brother and his tools.
>
> Regards,
> ---------------------
> Jared Bergeron
> Systems Analyst / E-Security
> XEROX Office Printing Business
>
>   _____
>
> From: Jason Bethune [mailto:jbethune@xxxxxxxxxxxxxxxxxxxx]
> Sent: Monday, September 15, 2003 10:07 AM
> To: full-disclosure@xxxxxxxxxxxxxxxx
>
>
>
> Snort is one tool used by a lot of IT guys to block file sharing programs. The 
> trouble with these programs is that they have built in port "movers" that 
> will scan the local network to find an available port to work on. Scripting 
> is one way to do it....but that mostly just alerts you to the fact that there 
> is traffic being used on your network for file sharing. I would like to know 
> an exact way to block file sharing as well...
>
>
>
> Jason Bethune
>
>
>
> IT Specialist
>
> Town of Kentville
>
> 354 Main Street
>
> Kentville, NS
>
> B4N 1K6
>
>
>
> www.town.kentville.ns.ca
>
>
>
>
>
>   _____
>
> From: full-disclosure-admin@xxxxxxxxxxxxxxxx 
> [mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx] On Behalf Of Johnson, Mark
> Sent: Monday, September 15, 2003 1:37 PM
> To: full-disclosure@xxxxxxxxxxxxxxxx
> Subject: [Full-Disclosure] Blocking Music Sharing.
>
> Due to the legal issues, I am trying to block access to sites like Kazaa and 
> Limewire in the office.  If I am not mistaken, these networks can use 
> different ports each time, so there is no way to block it at the firewall.  
> Is this right?  And if so, what is the best way to block access to these 
> types of sites?
>
>
>
> Many thanks,
>
> Mark J.
>
>

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html