[unisog] Blocking Kazaa

Daniel G. Epstein depstein at uchicago.edu
Wed Apr 9 18:25:37 GMT 2003


On Tue, Apr 08, 2003 at 05:47:28PM -0300, Marcos Guerra wrote:
> Hi all,
>  
> I would like to know how to block the Kazaa program through my firewall.
> As far I know, it uses port 80 and I cannot block this port, I try to block
> port tcp 1214 and didn't work, cause it will use port 80 to connect and
> downloads.
>  
> If anyone could help me, I'll be very thankfull.
>  
> Thanks a lot;
>  
> Marcos Guerra

Unfortunately, as you've found, Kazaa clients will dynamically reassign
ports if they find a block in place on the one they initially try.  The
only solution we've found is to use some sort of packet shaper
technology, a hardware device designed to analyze and manipulate
packets on the wire based on a complex set of rules.  There has
previously been a pretty detailed conversation of this topic on the
list.  There is an archive up through last year available at
<http://www.theorygroup.com/Archive/Unisog/>.  I don't know of a more
current one off-hand, but the packet shaper thread should have been in
2002, iirc.

Take care,

Dan

-- 

A boast of "I have been's,"  | Daniel G. Epstein
quoted from foolscap tomes,  | Network Security Officer,
is a shadow brushed away     | Network Security Center
by an acorn from an oak tree | NSIT, The University of Chicago 
or a salmon in a pool.       | depstein at uchicago.edu

GnuPG public keys available from http://pgp.mit.edu/
or http://security.uchicago.edu/centerinfo/pgpkeys.shtml



More information about the unisog mailing list