RE: [FW1] Real Player




Hi

Be aware though that RealPlayer can redirect through port 80 (http).

In this case the only realistic way to block through FW-1 is to use an http-with-resource type rule (there have been various postings) e.g.:-

/cut/
How to block HTTP downloads

Fact: Firewall-1  
Fact: HTTP Security Server

Fix: Create a HTTP resource as follows:
In the URI Definition window, "Match" tab:
Schemes: HTTP
Methods: GET
Host:    *
Path:    *.{ra,rm,ram,mov,asf,asx,wm,wma,wax,wvx,mp3}
Query:   *
Include any desired extensions

Create a rule that uses this resource and denies access to anything
matching this resource (note this rule should show up before your rules
that allow general HTTP access):
Source        Destination  Service         Action
Internal-Net  Any          http->resource  Reject


The rule above also blocks Real Audio, Windows Media Player, and most
Streaming Audio and Video, although Real Player can be reconfigured to use
HTTP so that may still get through. As an FYI, you may also want to create
an FTP Resource that does the same thing. Users can get pretty
resourceful if they have to......

/cut/

NOTE: This has some unfortunate side effects - e.g. http 1.1 (on some newer sites) can mean that the site won't work properly. An easy fix is to disable http 1.1 support in the browser - there are also some other suggested fixes in postings although I don't believe there is an 'official' Checkpoint fix for this.

Also (please could others comment) - could there be an extra workload on the firewall and latency on the Internet performance?


Tim Higgins



"Sridhara Gupta B" <[email protected]>
Sent by: [email protected]
09/03/01 10:43

To: "Chin, Walter" <[email protected]>, "Checkpoint Mailinglist (E-mail)" <[email protected]>
cc:
Subject: RE: [FW1] Real Player


Hi Walter,

Real player uses ports 8200,3030 to 3036, 7070. If you block these ports you
can stop real player.

Regards,
Gupta B.S


-----Original Message-----
From: [email protected]
[mailto:[email protected]]On Behalf Of
Chin, Walter
Sent: Thursday, March 08, 2001 7:27 PM
To: Checkpoint Mailinglist (E-mail)
Subject: [FW1] Real Player



Does anybody know what ports Real Player uses?


================================================================================
    To unsubscribe from this mailing list, please see the instructions at
              http://www.checkpoint.com/services/mailing.html
================================================================================
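
The rule-ordering note in the quoted fix ("this rule should show up before your rules that allow general HTTP access"), as an added example that is not part of the original messages and is not Check Point code. It approximates the URI resource with shell-style globbing and a top-down, first-match rule base; the glob semantics, the implicit final drop, and the example.com hostnames are assumptions, and source/destination matching is left out.

```python
from fnmatch import fnmatchcase
from urllib.parse import urlsplit

# Extension list copied from the Path field of the resource on this page.
MEDIA_EXTS = "ra,rm,ram,mov,asf,asx,wm,wma,wax,wvx,mp3".split(",")

def matches_resource(method, url):
    """Approximate the resource: Schemes HTTP, Methods GET, Host *, Path *.{...}, Query *."""
    parts = urlsplit(url)
    if parts.scheme != "http" or method != "GET":
        return False
    # Assumption: "*.{a,b}" behaves like a glob with brace alternatives.
    return any(fnmatchcase(parts.path, "*." + ext) for ext in MEDIA_EXTS)

def first_match(rulebase, method, url):
    """Return the action of the first rule whose service matches (top-down)."""
    for service, action in rulebase:
        if service == "http" and urlsplit(url).scheme == "http":
            return action
        if service == "http->resource" and matches_resource(method, url):
            return action
    return "Drop"  # assumed implicit cleanup rule at the end of the rule base

# The same two rules in both orders: resource rule first, then general HTTP.
CORRECT_ORDER = [("http->resource", "Reject"), ("http", "Accept")]
WRONG_ORDER = [("http", "Accept"), ("http->resource", "Reject")]

# Constructed sample requests from Internal-Net (hostnames are placeholders).
REQUESTS = [
    ("GET", "http://media.example.com/live/show.ram"),
    ("GET", "http://www.example.com/music/track.mp3?session=1"),
    ("GET", "http://www.example.com/index.html"),
]

def evaluate(rulebase):
    """Action taken for each sample request under the given rule order."""
    return [first_match(rulebase, m, u) for m, u in REQUESTS]

if __name__ == "__main__":
    for name, rb in (("resource rule first", CORRECT_ORDER),
                     ("general http first", WRONG_ORDER)):
        print(name, evaluate(rb))
```

With the general HTTP rule placed first, the resource rule is never reached and every sample request is accepted.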







   All contents © 2004 Network Presence, LLC. All rights reserved.