[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] How do I block ports, services to mp3,real player, avi , etc..etc
Cheers, I'll tackle these as you suggested. however, would be possible if you could kindly explain to me or direct me in the right direction to read about this URI method - wild cards, as I haven't had any exposure to them before. Many thanks again for your help. -----Original Message----- From: Simon Desmeules [mailto:[email protected]] Sent: Friday, 29 March 2002 1:23 AM To: [email protected] Subject: Re: [FW-1] How do I block ports, services to mp3,real player, avi, etc..etc What you want to use is a HTTP resource. Solution ID: 55.0.460 Typically streaming audio/video is requested via port 80. The request is made from the browser via HTTP, and the requested file is played back by the computer as it is received. Disable streaming audio/video by using the HTTP resource. First, define the resource as follows: URI method: wild cards scheme: http methods: get host: * path: *. {ra,rm,ram,mov,asf,asx,wm,wma,wax,wvx} Then make a rule before all HTTP rules using this resource, as follows: Src: any Dst: any Service: http->resource {audio streaming} action: drop (or reject) Other extensions can be added as needed. ( .mp3, .avi or whatever ) hope this helps! Simon. Simon Desmeules CCSE, ISS, MCSE + CNA Firewall / Intrusion Specialist T:Watch the upcoming book on NG Firewall-1 http://www.syngress.com ISBN: 1-928994-74-1 ----- Original Message ----- From: "Rezk, Kamil" <[email protected]> To: <[email protected]> Sent: Wednesday, March 27, 2002 10:51 PM Subject: [FW-1] How do I block ports, services to mp3,real player, avi, etc..etc > Hello all, > I am pretty new to checkpoint and any help would be muchly appreciated. > Has any of you found a successful way to prevent streaming audio, (and > video), aol, icq, msn messsenger that uses http, etc ports? Most of our > traffic is caused by those online radio stations and downloadable media > files such as mp3's, avi, real audio etc. At this moment, there seems little > I can do except blocking the hosts themselves on ip-level.... > > I would appreciate if you could direct me in the right path. > > > Many thanks > > > Kamil > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|