YES...
Thnx
Shaheer
At 09:13 AM 6/18/2001 -0700, you wrote:
>Send Firewalls mailing list submissions to
> [EMAIL PROTECTED]
>
>To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.gnac.net/mailman/listinfo/firewalls
>or, via email, send a message with subject or body 'help' to
> [EMAIL PROTECTED]
>
>You can reach the person managing the list at
> [EMAIL PROTECTED]
>
>When replying, please edit your Subject line so it is more specific
>than "Re: Contents of Firewalls digest..."
>
>
>Today's Topics:
>
> 1. NAT speeds (Sameer R. Manek)
> 2. RE: Looking for Firewall ([EMAIL PROTECTED])
> 3. RE: Looking for Firewall (Chris Schuler)
> 4. RE: Looking for Firewall (Byron Kennedy)
> 5. RE: Looking for Firewall (Ron DuFresne)
> 6. about Oracle Security [question] (=?ks_c_5601-1987?B?vLG/tbHZ?=)
> 7. RE: Block internet radio (Keller, Dennis A (DDSP))
> 8. Sans (Johnston Mark)
> 9. sniffer programs ([EMAIL PROTECTED])
> 10. Re: NAT speeds (mouss)
> 11. RE: Network Sniffers (mouss)
> 12. RE: Network Sniffers (Daniel Crichton)
> 13. block Real Audio (again) (Eliyah Lovkoff)
> 14. RE: Block internet radio (Olivier Kaloudoff)
>
>--__--__--
>
>Message: 1
>From: "Sameer R. Manek" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Subject: NAT speeds
>Date: Sun, 17 Jun 2001 14:25:35 -0700
>
>Does any one have any recommendations on what we should use to implement nat
>at close to 100mb speeds?
>
>Cisco router is preferred.
>
>Sameer
>
>
>--__--__--
>
>Message: 2
>From: [EMAIL PROTECTED]
>To: Zachary Uram <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
>Date: Thu, 14 Jun 2001 14:08:05 -0700
>Subject: RE: Looking for Firewall
>
> Well, at ~$20,000, the Cisco 7206 VXR router was competitive with
>the alternative, an HSSI *interface* for our Cisco 3660 router.
>(These were, however, to handle a DS-3, burstable up to 45Mbps.)
> Good networking equipment that handle lots of bandwidth carries
>pricetags. Yes, you can probably save some money by shopping
>around...
>
>David Gillett
>
>
>On 14 Jun 2001, at 16:44, Zachary Uram wrote:
>
> > wow $12,000 for a single firewall?!
> > i didn't realize network security devices were so costly
> > maybe that's why many business/organizations have neglected
> > security?
> > are routers and other network devices similiarly expensive?
> >
> >
> > [EMAIL PROTECTED]
> > "Blessed are those who have not seen and yet have faith." - John 20:29
> >
> >
>
>
>
>--__--__--
>
>Message: 3
>From: Chris Schuler <[EMAIL PROTECTED]>
>To: 'Zachary Uram' <[EMAIL PROTECTED]>,
> Byron Kennedy <[EMAIL PROTECTED]>
>Cc: 'Paul Wentland' <[EMAIL PROTECTED]>,
> "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>,
> "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
>Subject: RE: Looking for Firewall
>Date: Thu, 14 Jun 2001 17:14:20 -0400
>
>switch and routers are easily as expensive
>a fully loaded 6509 switch with FastE and an MSFC for routing can cost over
>$75,000
>and im usre the 12000 series routers with GSRs can cost almost a quarter of
>a mill.
>
>
>
>
>
>
>-----Original Message-----
>From: Zachary Uram [mailto:[EMAIL PROTECTED]]
>Sent: Thursday, June 14, 2001 4:45 PM
>To: Byron Kennedy
>Cc: 'Paul Wentland'; '[EMAIL PROTECTED]';
>'[EMAIL PROTECTED]'
>Subject: RE: Looking for Firewall
>
>
>wow $12,000 for a single firewall?!
>i didn't realize network security devices were so costly
>maybe that's why many business/organizations have neglected
>security?
>are routers and other network devices similiarly expensive?
>
>
>[EMAIL PROTECTED]
>"Blessed are those who have not seen and yet have faith." - John 20:29
>
>_______________________________________________
>Firewalls mailing list
>[EMAIL PROTECTED]
>http://lists.gnac.net/mailman/listinfo/firewalls
>
>--__--__--
>
>Message: 4
>From: Byron Kennedy <[EMAIL PROTECTED]>
>To: 'Zachary Uram' <[EMAIL PROTECTED]>,
> Byron Kennedy <[EMAIL PROTECTED]>
>Cc: 'Paul Wentland' <[EMAIL PROTECTED]>,
> "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>,
> "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
>Subject: RE: Looking for Firewall
>Date: Thu, 14 Jun 2001 14:17:50 -0700
>
>they can be. I've worked with routers that range in price from $75 to
>$75,000. depends on what you're doing, what your needs are. As many of us
>have mentioned, quantifying your needs will help dictate a solution.
>
>byron
>
>
>-----Original Message-----
>From: Zachary Uram [mailto:[EMAIL PROTECTED]]
>Sent: Thursday, June 14, 2001 1:45 PM
>To: Byron Kennedy
>Cc: 'Paul Wentland'; '[EMAIL PROTECTED]';
>'[EMAIL PROTECTED]'
>Subject: RE: Looking for Firewall
>
>
>wow $12,000 for a single firewall?!
>i didn't realize network security devices were so costly
>maybe that's why many business/organizations have neglected
>security?
>are routers and other network devices similiarly expensive?
>
>
>[EMAIL PROTECTED]
>"Blessed are those who have not seen and yet have faith." - John 20:29
>
>_______________________________________________
>Firewalls mailing list
>[EMAIL PROTECTED]
>http://lists.gnac.net/mailman/listinfo/firewalls
>
>--__--__--
>
>Message: 5
>Date: Sun, 17 Jun 2001 22:40:02 -0500 (CDT)
>From: Ron DuFresne <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Cc: Zachary Uram <[EMAIL PROTECTED]>
>Subject: RE: Looking for Firewall
>
> >
> > On 14 Jun 2001, at 16:44, Zachary Uram wrote:
> >
> > wow $12,000 for a single firewall?!
> > i didn't realize network security devices were so costly
> > maybe that's why many business/organizations have neglected
> > security?
> > are routers and other network devices similiarly expensive?
>
>
>What we've come to know as the "Internet", all the protocols that make it
>happen under the hood, so that applications do the little things they do
>for us, dancing to our finger-tips and clicks of mices and such, was not
>designed with security in mind, the focus back then was to get something
>to work, and to work in a semi fault tolerant way. It's pretty much the
>same focus most programmers have when putting tools and toys together
>before slapping then down on floppies and CD's for our mail order biz.
>This means that most all the security tools and trinkets used today, and
>many of the bugs fixed in the code of old, are afterthoughts, shims and
>wedges fitted into the puzzle of the Internet and intranets attached to
>it. Remodling is dirty work, and costly. Folks tend to fudge when it
>means that something that they have gotten used to, that seems to have
>functioned adequetly over the years, is going to be changed and updated,
>perhaps even making those persons have to add keystrokes to the simple
>commands and login practices they have become accustomed to. Of course
>there are those folks, that no matter how much you try to warn them that
>they are facing a long walk through deep shit, are going to end up with
>crappy boots. And of course a good set of boots are not all that cheap.
>
>
>
>Thanks,
>
>
>Ron DuFresne
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>"Cutting the space budget really restores my faith in humanity. It
>eliminates dreams, goals, and ideals and lets us get straight to the
>business of hate, debauchery, and self-annihilation." -- Johnny Hart
> ***testing, only testing, and damn good at it too!***
>
>OK, so you're a Ph.D. Just don't touch anything.
>
>
>--__--__--
>
>Message: 6
>From: =?ks_c_5601-1987?B?vLG/tbHZ?= <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Subject: about Oracle Security [question]
>Date: Mon, 18 Jun 2001 17:54:46 +0900
>
>This is a multi-part message in MIME format.
>
>------=_NextPart_000_0021_01C0F81F.C32DB0C0
>Content-Type: text/plain;
> charset="ks_c_5601-1987"
>Content-Transfer-Encoding: base64
>
>SGksIEV2ZXJ5b25lLg0KDQpJcyB0aGVyZSBhbnlib2R5IHdobyBrbm93cyBhYm91dCBPcmFjbGUg
>c2VjdXJpdHkgYW5kIElUIGF1ZGl0IHBvaW50IGZvciBPcmFjbGUgREIgPw0KUGxlYXNlIGhlbHAg
>bWUuIF5eDQoNCkhhdmUgYSBuaWNlIGRheSBhbmQgZ29vZCBsdWNrICEhDQo=
>
>------=_NextPart_000_0021_01C0F81F.C32DB0C0
>Content-Type: text/html;
> charset="ks_c_5601-1987"
>Content-Transfer-Encoding: base64
>
>PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9XM0MvL0RURCBIVE1MIDQuMCBUcmFuc2l0aW9uYWwv
>L0VOIj4NCjxIVE1MPjxIRUFEPg0KPE1FVEEgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PWtz
>X2NfNTYwMS0xOTg3IiBodHRwLWVxdWl2PUNvbnRlbnQtVHlwZT4NCjxNRVRBIGNvbnRlbnQ9Ik1T
>SFRNTCA1LjAwLjMxMDUuMTA1IiBuYW1lPUdFTkVSQVRPUj4NCjxTVFlMRT48L1NUWUxFPg0KPC9I
>RUFEPg0KPEJPRFkgYmdDb2xvcj0jZmZmZmZmPg0KPERJVj48Rk9OVCBzaXplPTI+SGksIEV2ZXJ5
>b25lLjwvRk9OVD48L0RJVj4NCjxESVY+Jm5ic3A7PC9ESVY+DQo8RElWPjxGT05UIHNpemU9Mj5J
>cyB0aGVyZSBhbnlib2R5IHdobyBrbm93cyBhYm91dCBPcmFjbGUgc2VjdXJpdHkgYW5kIElUIGF1
>ZGl0IA0KcG9pbnQgZm9yIE9yYWNsZSBEQiA/PC9GT05UPjwvRElWPg0KPERJVj48Rk9OVCBzaXpl
>PTI+UGxlYXNlIGhlbHAgbWUuIF5ePC9GT05UPjwvRElWPg0KPERJVj4mbmJzcDs8L0RJVj4NCjxE
>SVY+PEZPTlQgc2l6ZT0yPkhhdmUgYSBuaWNlIGRheSBhbmQgZ29vZCBsdWNrICEhPC9GT05UPjwv
>RElWPjwvQk9EWT48L0hUTUw+DQo=
>
>------=_NextPart_000_0021_01C0F81F.C32DB0C0--
>
>
>--__--__--
>
>Message: 7
>From: "Keller, Dennis A (DDSP)" <[EMAIL PROTECTED]>
>To: 'JD' <[EMAIL PROTECTED]>, Eliyah Lovkoff <[EMAIL PROTECTED]>,
> [EMAIL PROTECTED]
>Subject: RE: Block internet radio
>Date: Mon, 18 Jun 2001 07:17:36 -0400
>
>I use Raptor which allows blocking of URL extensions (like JPEG and such).
>But I have had to block entire sites as well.
>
>
>Regards,
>Network Security Administrator
>DDSP
>email: [EMAIL PROTECTED]
>Phone: 717-770-7766
> DSN: 977-7766
> Cell: 717-979-2716
>Pager: 717-231-1960
>
>
>-----Original Message-----
>From: JD [mailto:[EMAIL PROTECTED]]
>Sent: Friday, June 15, 2001 4:37 PM
>To: Eliyah Lovkoff; [EMAIL PROTECTED]
>Subject: Re: Block internet radio
>
>
>I was looking for a solution to this a while back but no joy for me except
>to block access to the sites in question... Not very efficient. BUT I was
>told by someone that they used Checkpoint to block certain files from being
>downloaded: ASX and ASF specifically. I don't use Checkpoint but maybe this
>will send you in the right direction...
>
>-james
>
>
>----- Original Message -----
>From: "Eliyah Lovkoff" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Friday, June 15, 2001 2:21 PM
>Subject: Block internet radio
>
>
>We use Checkpoint 2000 SP3 and Websense 4.2.3
>I'm trying to find some way to block internet radio. (Sites like
>680news,CHFI,and others where you can listen live to radio broadcasts)
>As long as I understand those Internet radio sites use http as a transfer
>protocol , which means I cannot block it.Users need it for normal internet
>access.
>I've found one doc in Websense knowledgebase that states that in most cases
>it is enough to block http://vstream.com and http://windowsmedia.com - this
>will cover both the radio connection and the list of radio stations provided
>my microsoft.
>I blocked those sites and I must admit it didn't help at all.
>
>I just wonder if there is some way to block internet radio anyway....
>
>_______________________________________________
>Firewalls mailing list
>[EMAIL PROTECTED]
>http://lists.gnac.net/mailman/listinfo/firewalls
>
>
>_______________________________________________
>Firewalls mailing list
>[EMAIL PROTECTED]
>http://lists.gnac.net/mailman/listinfo/firewalls
>
>--__--__--
>
>Message: 8
>From: Johnston Mark <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: Sans
>Date: Mon, 18 Jun 2001 13:23:33 +0200
>
>This message is in MIME format. Since your mail reader does not understand
>this format, some or all of this message may not be legible.
>
>------_=_NextPart_001_01C0F7E9.1C07D590
>Content-Type: text/plain;
> charset="iso-8859-1"
>
>Hey all,
>
>Is anyone going to be at the SANS course on Wednesday in London??
>
>Cheers
>Mark
>
>------_=_NextPart_001_01C0F7E9.1C07D590
>Content-Type: text/html;
> charset="iso-8859-1"
>
><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
>
>Hey all,
>
>Is anyone going to be at the SANS course on Wednesday in London??
>
>Cheers
>Mark
>------_=_NextPart_001_01C0F7E9.1C07D590--
>
>--__--__--
>
>Message: 9
>From: [EMAIL PROTECTED]
>To: [EMAIL PROTECTED]
>Subject: sniffer programs
>Date: Mon, 18 Jun 2001 08:21:36 -0400
>
>Hello all,
>
>We often hear of bad guys using sniffer programs to check out packets for
>information. My question is where and how are these sniffers usually
>installed. Has anyone ever disovered a sniffer program running on their
>firewall?
>
>Regards,
>S. Filliol
>
>
>--__--__--
>
>Message: 10
>Date: Mon, 18 Jun 2001 14:55:49 +0200
>To: "Sameer R. Manek" <[EMAIL PROTECTED]>,
> <[EMAIL PROTECTED]>
>From: mouss <[EMAIL PROTECTED]>
>Subject: Re: NAT speeds
>
>At 14:25 17/06/01 -0700, Sameer R. Manek wrote:
> >Does any one have any recommendations on what we should use to implement nat
> >at close to 100mb speeds?
>
>why 100mb? is it because you have 100mb ethernet cards? If so, you'll be
>surprised to
>hear that with these, you can get about 6mb....
>
>Anyway, NAT doesn't reduce perfs dramatically, so it shouldn't be a concern
>unless you're
>trying to keep with Gigabit nets...
>
>
> >Cisco router is preferred.
>
>
>--__--__--
>
>Message: 11
>Date: Mon, 18 Jun 2001 15:01:50 +0200
>To: Richard de Jong <[EMAIL PROTECTED]>,
> "'[EMAIL PROTECTED] '" <[EMAIL PROTECTED]>
>From: mouss <[EMAIL PROTECTED]>
>Subject: RE: Network Sniffers
>
>Anyway, spending his time to watch users is really not a good approach,
>from both a human and technical viewpoints.
>
>
>cheers,
>mouss
>
>
>At 19:53 17/06/01 +0200, Richard de Jong wrote:
> >Hi,
> >
> >Perhaps an obvious question as well, but just to make sure: you do run the
> >software as root right? Normal users can't put a device in promiscuous mode.
> >
> >Grtz, Richard
> >
> >-----Original Message-----
> >From: Jason Brown
> >To: [EMAIL PROTECTED]
> >Sent: 15-6-01 20:33
> >Subject: Network Sniffers
> >
> >
> >Hello All,
> >
> >I am trying to set up a sniffer so I can see what the users are doing on
> >the
> >Internet and see if they are abusing the service.
> >
> >To date I've install Ethereal and Ksnuffle but neither are working as
> >they
> >should.
> >
> >I can sniff traffic to and from the machine running the software, but
> >the
> >rest of the network traffic is not visible.
> >
> >According to all the documentation I found, the network cards are put
> >into
> >promiscuous mode automatically by the software. From what I can see,
> >it's
> >almost as if the cards are not.
> >
> >I've installed the software on RedHat 6.2 and 7.1 and used 2 different
> >types
> >of NICs on 2 different machines, and one is a 3Com 590. Anybody know
> >why I
> >can't see everything???
> >
> >What I want to do is generate a graph that will tell me how much NNTP
> >traffic in being pulled down. I know they are pulling down VCD files
> >and I
> >am 99% sure this is causing the slow response, but I'd like to have
> >proof
> >before I point fingers. Ksnuffle looks like it will work, but if
> >someone
> >else has another solution, please let me know.
> >
> >Thanks,
> >
> >Jason
> >
> >_______________________________________________
> >Firewalls mailing list
> >[EMAIL PROTECTED]
> >http://lists.gnac.net/mailman/listinfo/firewalls
> >_______________________________________________
> >Firewalls mailing list
> >[EMAIL PROTECTED]
> >http://lists.gnac.net/mailman/listinfo/firewalls
>
>
>--__--__--
>
>Message: 12
>From: "Daniel Crichton" <[EMAIL PROTECTED]>
>Organization: Computer Manuals Ltd.
>To: [EMAIL PROTECTED]
>Date: Mon, 18 Jun 2001 15:42:55 +0100
>Subject: RE: Network Sniffers
>Reply-To: [EMAIL PROTECTED]
>
>On 18 Jun 2001, at 15:01, mouss wrote:
>
> > >I can sniff traffic to and from the machine running the software, but
> > >the
> > >rest of the network traffic is not visible.
>
>Is your machine plugged into a switch? If so, and you don't have the option
>turned on to forward all packets to your port, you'll only see the packets
>going to and from your own machine and not the rest of the network.
>
>Dan
>
>---
>D.C. Crichton email: [EMAIL PROTECTED]
>Senior Systems Analyst tel: +44 (0)121 706 6000
>Computer Manuals Ltd. fax: +44 (0)121 606 0477
>
>Computer book info on the web:
> http://computer-manuals.co.uk/
>Want to earn money? Join our affiliate network!
> http://computer-manuals.co.uk/affiliate/
>
>
>
>--__--__--
>
>Message: 13
>Date: Mon, 18 Jun 2001 10:52:20 -0500
>From: "Eliyah Lovkoff" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Subject: block Real Audio (again)
>
>This is a MIME message. If you are reading this text, you may want to
>consider changing to a mail reader or gateway that understands how to
>properly handle MIME multipart messages.
>
>--=_58024001.89E8AB92
>Content-Type: text/plain; charset=US-ASCII
>Content-Transfer-Encoding: quoted-printable
>Content-Disposition: inline
>
>Thanks people for all your tips (MIME stripping,etc).
>I've figured out how you can use Websense to block real audio and it looks =
>like it is the easiest way to block internet radio.I blocked the following =
>extensions
>ra,rm,asx - is there some others real audio format extensions that I =
>should block?
>
>
>P.S.For those who use Websense and wonder how this can be done I attached =
>file with explanation how to configure it to block real audio.
>
>
>--=_58024001.89E8AB92
>Content-Type: text/plain
>Content-Transfer-Encoding: base64
>Content-Disposition: attachment; filename="How to block Real audio.txt"
>
>VGhlIFdlYnNlbnNlIHNlcnZlciBpcyBhIFVSTCBmaWx0ZXJpbmcgc2VydmVyLiAgSXQgdGFrZXMg
>cmVxdWVzdHMgZm9yIFVSTHMNCmNvbXBhcmVzIHRoZW0gdG8gb3VyIGRhdGFiYXNlIHRvIGRldGVy
>bWluZSBhIGNhdGVnb3J5LCB0aGVuIGRldGVybWluZXMgaWYNCnRoZSByZXF1ZXN0aW5nIHBhcnR5
>IGhhcyBiZWVuIGdyYW50ZWQgYWNjZXNzIHRvIHRoYXQgY2F0ZWdvcnksIGFuZCBpZiBzbyBpdA0K
>YWxsb3dzIHRoZSBVUkwgcmVxdWVzdCB0byBiZSBwcm9jZXNzZWQsIGlmIG5vdCBpdCByZXR1cm5z
>IGEgcGFnZSB0byB0aGUgdXNlcg0KdGhhdCB0ZWxscyB0aGVtIHRoYXQgdGhlIHNpdGUgaXMgYmxv
>Y2tlZCBhbmQgdW5kZXIgd2hhdCBjYXRlZ29yeS4NCg0KUmVhbCBBdWRpbyBpcyBhIGZpbGUgZm9y
>bWF0Lg0KVG8gYmxvY2sgdGhpcyBmb3JtYXQgeW91IG11c3QgYmxvY2sgdGhlIGFiaWxpdHkgdG8g
>cmVxdWVzdCB0aGF0IGZpbGUgdHlwZSBieQ0KYSBIVFRQIHJlcXVlc3QuDQpUbyBkbyB0aGlzIHlv
>dSB3aWxsIHdhbnQgdG8gYWRkIHRoZSBmaWxlIGV4dGVuc2lvbnMgdG8gdGhlIGtleXdvcmQgYmxv
>Y2tpbmcNCmNhdGVnb3J5DQpUaGlzIGNhbiBiZSBkb25lIGJ5IG9wZW5pbmcgdGhlIHdlYnNlbnNl
>IG1hbmFnZXIsIGFuZCBzZWxlY3RpbmcgdGhlIGtleXdvcmRzDQpvcHRpb25zIG9uIHRoZSBsZWZ0
>IG9mIHRoZSBzY3JlZW4gKHRoZSB3aGl0ZSB3aW5kb3cgZnJhbWUpLg0KDQoxKQkJVGhlbiBjcmVh
>dGUgYSBuZXcgY2F0ZWdvcnkgaW4gdGhlIHVzZXIgZGVmaW5lZCBjYXRlZ29yeSBieQ0KcmlnaHQg
>Y2xpY2tpbmcgb24gaXQgYW5kIHNlbGVjdGluZyAiYWRkIGEgY3VzdG9tIGNhdGVnb3J5IiwgYW5k
>IG5hbWUgaXQNCmtleXdvcmRzLg0KDQoyKQkJVGhlbiBzZWxlY3QgdGhhdCBjYXRlZ29yeSBhbmQg
>dHlwZSB0aGlzIGluIHRoZSByaWdodCBwYW5lDQp3aGVyZSBpdCBpcyBsYWJlbGVkICJFbnRlciBV
>Ukwga2V5d29yZHMgZm9yIHRoaXMgY2F0ZWdvcnkiDQoJCQkJXC5yYQ0KCQkJKG1ha2Ugc3VyZSB5
>b3UgaW5jbHVkZWQgdGhlIGJhY2tzbGFzaCkgdGhlbiBjbGljaw0KQWRkIEtleXdvcmRzIG9uIHRo
>ZSBib3R0b20gcmlnaHQuDQozKQkJVGhlbiBhZGQgYW5vdGhlciANCgkJCQlcLnJtDQoJCQkobWFr
>ZSBzdXJlIHlvdSBpbmNsdWRlZCB0aGUgYmFja3NsYXNoKSB0aGVuIGNsaWNrDQpBZGQgS2V5d29y
>ZHMgb24gdGhlIGJvdHRvbSByaWdodC4NCg0KNCkJCU5leHQgZ28gdG8gdGhlIENhdGVnb3J5IGxp
>c3QgdGhhdCBpcyBpbXBsZW1lbnRlZCBpbiB0aGUNCnBvbGljeSB0aGF0IHlvdSB3YW50IHRvIGJs
>b2NrIGFjY2VzcyB0byBSZWFsIEF1ZGlvDQoNCjUpCQlTZWxlY3QgIkVkaXQgQ2F0ZWdvcnkgU2V0
>Ig0KDQo2KQkJVGhlbiBzY3JvbGwgZG93biB0byB0aGUgIlVzZXIgRGVmaW5lZCIgc2VjdGlvbiBh
>bmQgY2xpY2sgdGhlDQpwbHVzIHNpZ24gdG8gdGhlIGxlZnQgb2YgaXQgdG8gZXhwYW5kIHRoZSBj
>YXRlZ29yeS4NCg0KNykJCVNlbGVjdCB0aGUgIktleXdvcmRzIiBjYXRlZ29yeSB0aGF0IHlvdSBq
>dXN0IGFkZGVkDQoNCjgpCQlDbGljayBvbiB0aGUgY2hlY2tib3ggb24gdGhlIHRoYXQgaXMgbGFi
>ZWxlZCAiQmxvY2sNCktleXdvcmRzIg0KDQo5KQkJVGhlbiBjbGljayAiU2F2ZSBBTEwiICBvbiB0
>aGUgdXBwZXIgbGVmdCBjb3JuZXIgdG8gYXBwbHkgdGhlDQpjaGFuZ2VzDQoNCk5vdyBhbnkgSFRU
>UCByZXF1ZXN0IHRoYXQgaXMgbWFkZSBmb3IgUmVhbCBBdWRpbyBmb3JtYXRzIHdpbGwgYmUgZGVu
>aWVkLg0KDQpUaGlzIGNhbiBiZSByZXBsaWNhdGVkIGZvciBhbnkgZmlsZSBleHRlbnNpb24gdGhh
>dCB5b3Ugd291bGQgbGlrZSB0byBibG9jay4NCg0KICANCg0K
>
>--=_58024001.89E8AB92--
>
>--__--__--
>
>Message: 14
>Date: Mon, 18 Jun 2001 18:01:46 +0200 (CEST)
>From: Olivier Kaloudoff <[EMAIL PROTECTED]>
>To: "Keller, Dennis A (DDSP)" <[EMAIL PROTECTED]>
>Cc: 'JD' <[EMAIL PROTECTED]>, Eliyah Lovkoff <[EMAIL PROTECTED]>,
> [EMAIL PROTECTED]
>Subject: RE: Block internet radio
>
>PLEASE UNSUBSCRIBE ME OFF THIS LIST
>I ASKED MAY TIMES TO DO SO
>TO FIREWALLS-APPROVAL BUT NEVER
>GOT ANSWER.
>
>
>On Mon, 18 Jun 2001, Keller, Dennis A (DDSP) wrote:
>
>I use Raptor which allows blocking of URL extensions (like JPEG and such).
>But I have had to block entire sites as well.
>
>
>Regards,
>Network Security Administrator
>DDSP
>email: [EMAIL PROTECTED]
>Phone: 717-770-7766
> DSN: 977-7766
> Cell: 717-979-2716
>Pager: 717-231-1960
>
>
>-----Original Message-----
>From: JD [mailto:[EMAIL PROTECTED]]
>Sent: Friday, June 15, 2001 4:37 PM
>To: Eliyah Lovkoff; [EMAIL PROTECTED]
>Subject: Re: Block internet radio
>
>
>I was looking for a solution to this a while back but no joy for me except
>to block access to the sites in question... Not very efficient. BUT I was
>told by someone that they used Checkpoint to block certain files from being
>downloaded: ASX and ASF specifically. I don't use Checkpoint but maybe this
>will send you in the right direction...
>
>-james
>
>
>----- Original Message -----
>From: "Eliyah Lovkoff" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Friday, June 15, 2001 2:21 PM
>Subject: Block internet radio
>
>
>We use Checkpoint 2000 SP3 and Websense 4.2.3
>I'm trying to find some way to block internet radio. (Sites like
>680news,CHFI,and others where you can listen live to radio broadcasts)
>As long as I understand those Internet radio sites use http as a transfer
>protocol , which means I cannot block it.Users need it for normal internet
>access.
>I've found one doc in Websense knowledgebase that states that in most cases
>it is enough to block http://vstream.com and http://windowsmedia.com - this
>will cover both the radio connection and the list of radio stations provided
>my microsoft.
>I blocked those sites and I must admit it didn't help at all.
>
>I just wonder if there is some way to block internet radio anyway....
>
>_______________________________________________
>Firewalls mailing list
>[EMAIL PROTECTED]
>http://lists.gnac.net/mailman/listinfo/firewalls
>
>
>_______________________________________________
>Firewalls mailing list
>[EMAIL PROTECTED]
>http://lists.gnac.net/mailman/listinfo/firewalls
>_______________________________________________
>Firewalls mailing list
>[EMAIL PROTECTED]
>http://lists.gnac.net/mailman/listinfo/firewalls
>
>
>
>--__--__--
>
>_______________________________________________
>Firewalls mailing list
>[EMAIL PROTECTED]
>http://lists.gnac.net/mailman/listinfo/firewalls
>
>
>End of Firewalls Digest
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
