[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Blocking Music Sharing.
- To: "Full Disclosure" <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: Re: [Full-Disclosure] Blocking Music Sharing.
- From: "Kristian Hermansen" <khermansen@xxxxxxxxxxxxxxxxx>
- Date: Mon, 15 Sep 2003 17:01:52 -0400
MessageA somewhat expensive, but highly configurable, solution is available
from http://www.Packeteer.com. They sell devices called "Packet Shapers",
which filter data to layer 7 based on your config. These devices normally have
a nice web interface (http port 80) if your not familiar with how to config
manually using other linux solutions. The nice thing about them is that they
are dedicated hardware devices, so they are much better at analyzing large
traffic volumes.
Kris Hermansen
----- Original Message -----
From: Bergeron, Jared
To: full-disclosure@xxxxxxxxxxxxxxxx
Sent: Monday, September 15, 2003 1:59 PM
Subject: RE: [Full-Disclosure] Blocking Music Sharing.
I think the key here is a strong enforceable communicated policy and then
identifying the traffic and addressing the user. I would go with an IDS (Snort
is a good choice to IDENTIFY as you can easily write the sigs). Now granted
Snort could pick it up on different ports depending on what it was looking for,
however you need to think about tunneled connections via ssh and ssl. A good
client inventory app seems to be the best way to catch these. Ahhh big brother
and his tools.
Regards,
---------------------
Jared Bergeron
Systems Analyst / E-Security
XEROX Office Printing Business
------------------------------------------------------------------------------
From: Jason Bethune [mailto:jbethune@xxxxxxxxxxxxxxxxxxxx]
Sent: Monday, September 15, 2003 10:07 AM
To: full-disclosure@xxxxxxxxxxxxxxxx
Snort is one tool used by alot of IT guys to block file sharing programs. THe
trouble with these programs is that they have built in port "movers" that will
scan the local network to find an available port to work on. Scripting is one
way to do it....but that mostly just alerts you to the fact that there is
traffice being used on your network for file sharing. I would like to know an
exact way to block file sharing as well...
Jason Bethune
IT Specialist
Town of Kentville
354 Main Street
Kentville, NS
B4N 1K6
www.town.kentville.ns.ca
------------------------------------------------------------------------------
From: full-disclosure-admin@xxxxxxxxxxxxxxxx
[mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx] On Behalf Of Johnson, Mark
Sent: Monday, September 15, 2003 1:37 PM
To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] Blocking Music Sharing.
Due to the legal issues, I am trying to block access to sites like Kazaa and
Limewire in the office. If I am not mistaken, these networks can use different
ports each time, so there is no way to block it at the firewall. Is this
right? And if so, what is the best way to block access to these types of sites?
Many thanks,
Mark J.