NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Does anyone know how to block Kazaa, Morpheus and all these paras ites on a FW-1 ?

Title: Message
What rule is allowing them to go out?  Check that rule.  Your clean up rule would normally dis-allow access to those ports, unless specifically allowed by a higher rule.
-----Original Message-----
From: Serge Vondandamo [mailto:[email protected]]
Sent: Thursday, March 14, 2002 11:46 AM
To: [email protected]
Subject: Re: [FW-1] Does anyone know how to block Kazaa, Morpheus and all these paras ites on a FW-1 ?

Well, that is not exactly what I want.
I just need to block Kazaa and Morpheus and that is it. But I do not need to change my firewall policy to what you are suggesting.
 
This sounds like I am back to School learing how to setup firewalls, well, I don't need that.
I am just looking for tips on how to effectively block specific applications: Kazaa and Morpheus, which seems to operate on different ports than 1214 UDP/TCP.
 
Thanks for anyone who knows the exact tips.
 
Cheers,
Serge
-----Original Message-----
From: Chontzopoulos, Dimitris [mailto:[email protected]]
Sent: jeudi 14 mars 2002 17:13
To: [email protected]
Subject: Re: [FW-1] Does anyone know how to block Kazaa, Morpheus and all these paras ites on a FW-1 ?

Yes... Deny everything from the start (this is what you should have done in the first place), create a network diagram showing what your traffic really is, install a Proxy for WEB browsing, and start Permitting based on what your needs are.
-----Original Message-----
From: Serge Vondandamo [mailto:[email protected]]
Sent: Thursday, March 14, 2002 5:10 PM
To: [email protected]
Subject: [FW-1] Does anyone know how to block Kazaa, Morpheus and all these paras ites on a FW-1 ?

Hi,

I have made a rule rejecting all incoming & Outgoing connections on UDP 1214 and TCP 1214, and I thought that would block KazAa and some of these parasite but it did not !!!

Users can still use Kazaa and share files. Does anyone know how to effectively block this ?
Thanks for your help.

Cheers,
Serge

-----Original Message-----
From: Don [mailto:[email protected]]
Sent: jeudi 14 mars 2002 14:54
To: [email protected]
Subject: Re: [FW-1] Source IP change after creating uri


> I'm using FW 4.1 SP5, anyone any idea how to get the FW to broadcast
> the actual source IP instead of it's int IP after applying a URI
> resource to a rule ? ie would be nice to know what host was attacking
> your dmz with a codered worm etc...
There is no way to do this. When a connection passes through the security server it is proxied and the source becomes the firewall. You would need to look at the firewall logs to find the source address.

-don

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail =================================================
To unsubscribe from this mailing list,
please see the instructions at http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected] =================================================


 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.