On Sat, 5 Feb 2000, Tom Hulley wrote:
> Could someone elaborate on just how Napster (the MP3 clearinghouse
> program) functions and how best to block it at a firewall. What addresses
> and ports are used? I understand it uses port 6699 and possibly 8875, but
> I hear it can use others. Are there mirror sites, or is it just one
> location. When this service is used, are connections made from client to
> client or is the Napster server sending the data? I can't believe the RIAA
> has not sued to shut them down.
> Any thoughts?
What I've found to be effective is to put an access list on the router for
server.napster.com . The program appears to operate by contacting this
server and then finding another server closer. It appears to always try
and contact server.napster.com even if it found one the last time it ran.
It's always looking for a faster/closer server. It also uses icmp
responses to list access times. I'm not sure that blocking icmp helps,
but we were doing that anyway. :-)
So far this appears to have been effective for us. The next step I'm
looking at is taking some of the reverse engineering pages on Napster, and
figuring out exactly what ports it wants and then blocking them.
Of course you can see that people are getting around it ...
http://news.cnet.com/news/0-1005-200-1540578.html?tag=st.ne.1002
I'm trying to figure out if there's an easy way to block people from using
an external proxy. Our students tend to be rather resourcefull little
PITA's.
I've got these two sources of info that might help.
http://david.weekly.org/code/napster.php3
http://opennap.sourceforge.net/napster.txt
I hope this helps you. Let me know if you discover anything of additional
interest!
Michael
--
-------------------------------o--------------------------------
Michael H. Martel | Vermont State Colleges
[EMAIL PROTECTED] | Technical Support Specialist
http://probe.vsc.edu/~michael | PH:802-241-2535 FX:802-241-3363
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
