Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] How do I block ports, services to mp3,real player, avi , etc..etc

To: [email protected]
Subject: Re: [FW-1] How do I block ports, services to mp3,real player, avi , etc..etc
From: "Zielke, Alex" <[email protected]>
Date: Thu, 28 Mar 2002 07:43:26 -0500
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

There really isn't an easy way to block these as we have a similar problem
in trying to block IM traffic.  We have deny rules above our outbound
traffic rules that block these services specifically.  For AOL and ICQ,
simply block port 5190.  MSN and Yahoo can be configured to use port 80 in
which case you have to block the hosts.  The problem with that is that they
seem to constantly change.  The easiest way to find them is to load the IM
on a test machine and watch the firewall log as you connect to the services.
Then one by one create host entries for them and put them in a denied group.


It was the only way we could think of to block these.  I would love to hear
if anyone else has any ideas.


 -----Original Message-----
From:   Rezk, Kamil [mailto:[email protected]]
Sent:   Wednesday, March 27, 2002 10:51 PM
To:     [email protected]
Subject:        [FW-1] How do I block ports, services to mp3,real player,
avi, etc..etc

Hello all,
I am pretty new to checkpoint and any help would be muchly appreciated.
Has any of you found a successful way to prevent streaming audio, (and
video), aol, icq, msn messsenger that uses http, etc ports? Most of our
traffic is caused by those online radio stations and downloadable media
files such as mp3's, avi, real audio etc. At this moment, there seems little
I can do except blocking the hosts themselves on ip-level....

I would appreciate if you could direct me in the right path.


Many thanks


Kamil

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Prev by Date: Re: [FW-1] How do I block ports, services to mp3,real player, avi, etc..etc
Next by Date: Re: [FW-1] CVP problem NG & Viruswall
Previous by thread: [FW-1] AOL and secure client problem
Next by thread: Re: [FW-1] - slow page loads with nimda uri implemented
Index(es):
- Date
- Thread