NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] How do I block ports, services to mp3,real player, avi , etc..etc



Cheers, I'll tackle these as you suggested. however, would be possible if
you could kindly explain to me or direct me in the right direction to read
about this URI method - wild cards, as I haven't had any exposure to them
before.

Many thanks again for your help.

-----Original Message-----
From: Simon Desmeules [mailto:[email protected]]
Sent: Friday, 29 March 2002 1:23 AM
To: [email protected]
Subject: Re: [FW-1] How do I block ports, services to mp3,real player,
avi, etc..etc


What you want to use is a HTTP resource.


Solution ID: 55.0.460
Typically streaming audio/video is requested via port 80. The request is
made from the browser via HTTP, and the requested file is played back by the
computer as it is received.

Disable streaming audio/video by using the HTTP resource.

First, define the resource as follows:
URI method: wild cards
scheme: http
methods: get
host: *
path: *. {ra,rm,ram,mov,asf,asx,wm,wma,wax,wvx}

Then make a rule before all HTTP rules using this resource, as follows:
Src: any
Dst: any
Service: http->resource {audio streaming}
action: drop (or reject)

Other extensions can be added as needed. ( .mp3, .avi or whatever )

hope this helps!
Simon.

Simon Desmeules
CCSE, ISS, MCSE + CNA
Firewall / Intrusion Specialist
T:Watch the upcoming book on NG Firewall-1
http://www.syngress.com
ISBN: 1-928994-74-1

----- Original Message -----
From: "Rezk, Kamil" <[email protected]>
To: <[email protected]>
Sent: Wednesday, March 27, 2002 10:51 PM
Subject: [FW-1] How do I block ports, services to mp3,real player, avi,
etc..etc


> Hello all,
> I am pretty new to checkpoint and any help would be muchly appreciated.
> Has any of you found a successful way to prevent streaming audio, (and
> video), aol, icq, msn messsenger that uses http, etc ports? Most of our
> traffic is caused by those online radio stations and downloadable media
> files such as mp3's, avi, real audio etc. At this moment, there seems
little
> I can do except blocking the hosts themselves on ip-level....
>
> I would appreciate if you could direct me in the right path.
>
>
> Many thanks
>
>
> Kamil
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.