[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] How to block morpheus? (the new napster)
Hello mr. Appelboom, Wednesday, July 18, 2001, 3:07:43 PM, you wrote: we are wondering about morpheus as well. for the tech. department we have an outbound allowed all rule. inbound poorly nothing allowed. when you start morpheus the client start a connection to 1214 and start a listener on 1214. according to the theory you should be able to start an outbound connection but no one should come in. but in real life there are connections possible. that against the gravity. how can anyone start a connection to my box when checkpoint shouldn´t allow the syn packet to 1214 on my machine. mysterious thing. you should definetly close this port in both directions. one thing is a clear cut: morheus is a pretty high danger for any firewall! EA> Does anyone have a solution to block morpheus from www.musiccity.com EA> <http://www.musiccity.com> EA> I have found this thread. EA> Newsgroups: EA> <http://groups.google.com/groups?hl=en&safe=off&group=comp.security.firewall s>> comp.security.firewalls EA> View EA> <http://groups.google.com/groups?hl=en&safe=off&ic=1&th=b5ab736ba010c22c,76& EA> seekm=SF7M6.10484%24%25i7.10534113%40news1.rdc1.sfba.home.com#p> complete EA> thread (76 articles) EA> Date: 2001-05-15 03:37:38 PST EA> I have just found that the new Morpehus file sharing system cannot be EA> blocked. You try to block the main login server, the program gets around it. EA> I have experimented with this, and have found that Morpheus will be the EA> network administrator's WORST NIGHTMARE. EA> Since I want to be a network admin someday, I am teaching myself some EA> of the things about content filtering you do NOT learn in college. And my EA> experimentation with trying to block Morpheus is that they designers of EA> MusicCity's new file sharing system have made their network unblockable. EA> On the other hand, while Napster cannot completely be blocked, it is EA> possible to block out artists by keywork, such artists with offensive EA> lyrics, such as Madonna, Prince, or 2 Live Crew can be block by keyword such EA> that if someone tries a search, the query will return nothing, as the EA> queries will be blocked by the filter. EA> But I can say that MusicCity has developed a file sharing system that EA> cannot be blocked. You try blocking any server address, the software will EA> route itself around it to reach the server, the system is that un-blockable. EA> have a hard time believing it _can't_ be blocked, but don't know enough EA> about what it does to say what would be the best way. The website doesn't EA> give much in the way of details about how it works. Maybe if someone could EA> post a technical description of its operation (ports, protocols, etc.) more EA> info could be given. I really doubt it would be able to get through a EA> firewall if I didn't want it EA> to, but I am open to hearing more details! EA> Eric Appelboom -- Mit besten Grüssen, stefan fassbender mailto:[email protected] ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|