IIRC, kazaa has various firewall-piercing options, including using the HTTP port on either the sender or reciever's end to handle transfers.
-----Original Message----- From: ezra daniel [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 19, 2002 1:12 PM To: [email protected] Subject: Re: blocking kazaa I agree, In every firewall manual its explained that a good firewall should allow only certain traffic and always block/drop the rest... He seems not to be doing so. -daniel http://www.debian-gnu.com >From: Henrique Pedroni Neto <[EMAIL PROTECTED]> >To: [email protected] >Subject: Re: blocking kazaa >Date: Tue, 19 Nov 2002 15:21:56 -0200 > >Hello, > >You can set the default policy to DROP, >and later open only the ports that you need to make the conection. > >I do this im my box and worked fine. > >Regards, > >Henrique > >|Hi there, >| >|I got a trouble in my network while trying to block Kazaa. >|I tried to drop port 1214 with this rule: >| >|iptables -A FORWARD --dport 1214 -j DROP >| >|but this doesn't work. so I did sniffing to see what kind of packets and >|ports kazaa uses and I saw that it searches for servers in different >ports. >|later, I read in various texts around the net, but all recommend to block >|port 1214 and kazaa site. this probably worked in version 1. >| >|how could I block kazaa, since I need accept connections in high ports? >| >|sorry for the bad english. >| >|regards, >| >|phadell > > >-- >Henrique Pedroni Neto >Administrador de Rede - ITAL (http://www.ital.org.br) >E-mail: [EMAIL PROTECTED] >UIN: 8146255 >D�vidas sobre Debian? Visite o Rau-Tu: http://rautu.cipsga.org.br >"One foot to rule them all" - GNOME > ><< 00000000.mimetmp >> ><< attach5 >> _________________________________________________________________ Charla con tus amigos en l�nea mediante MSN Messenger: http://messenger.microsoft.com/es -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
