Can anyone suggest a method of adequately testing these port numbers?
-----Original Message-----
From: Michael Hernandez [mailto:[EMAIL PROTECTED]]
Sent: Friday, July 28, 2000 8:54 AM
To: 'Michael Tench'; Gijs Wuyts; 'Mike Anning'; [EMAIL PROTECTED]
Subject: RE: [FW1] Napster
Just to add a little more: as Michael Tench said, real world counts, and
after serving 10 years in the Navy working in NOCs I can say that, besides
agreeing with his approach, you may also opt for an easier way, meaning set up
a single rule with your workstation and on the log filter only
outbound/inbound traffic as you hit Napster. You'll notice Napster will open
2 ports initially: one port is a UDP port which queries for a Napster
server; once found, it then sends another request via TCP (on a different port)
to establish a connection (<--- this is how others can download from you!).
Once you see those ports, all you have to do is close those 2 ports and the
Napster application will be useless!
--Michael H.
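
As an added example (not part of the original thread), the log-watching test described above can be repeated and the runs compared; services that change between runs are the case Michael Tench raises in the quoted message below. The log layout, addresses and port numbers are constructed for illustration and are neither the FireWall-1 log format nor Napster's actual ports.

```python
from collections import Counter

# Constructed sample logs in a made-up space-separated layout (not the
# FireWall-1 log format): time action direction src sport dst dport proto
RUN_1 = """\
08:54:01 accept outbound 10.1.1.50 1045 192.0.2.53 53 udp
08:54:02 accept outbound 10.1.1.50 1046 198.51.100.7 40001 udp
08:54:03 accept outbound 10.1.1.50 1047 198.51.100.9 40002 tcp
08:54:09 accept inbound 203.0.113.20 3321 10.1.1.50 40010 tcp
08:54:10 accept outbound 10.1.1.77 1100 198.51.100.9 80 tcp
truncated line
"""
RUN_2 = """\
09:10:11 accept outbound 10.1.1.50 1201 192.0.2.53 53 udp
09:10:12 accept outbound 10.1.1.50 1202 198.51.100.7 40001 udp
09:10:13 accept outbound 10.1.1.50 1203 198.51.100.12 40777 tcp
09:10:20 accept inbound 203.0.113.31 4410 10.1.1.50 40010 tcp
"""

BASELINE = {("outbound", "udp", 53)}  # traffic already known and expected


def observed_services(log_text, workstation, baseline=BASELINE):
    """Count (direction, proto, dst_port) tuples involving the test workstation."""
    seen = Counter()
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 8 or not fields[6].isdigit():
            continue  # skip malformed or truncated records
        _, _, direction, src, _, dst, dport, proto = fields
        local = src if direction == "outbound" else dst
        if local != workstation:
            continue  # another host's traffic
        key = (direction, proto, int(dport))
        if key not in baseline:
            seen[key] += 1
    return seen


def compare_runs(run_a, run_b, workstation):
    """Split services into those seen in both runs and those seen in only one."""
    a = set(observed_services(run_a, workstation))
    b = set(observed_services(run_b, workstation))
    return sorted(a & b), sorted(a ^ b)


if __name__ == "__main__":
    stable, varying = compare_runs(RUN_1, RUN_2, "10.1.1.50")
    print("stable :", stable)
    print("varying:", varying)
```

Services in the first list are candidates for an explicit block rule; anything in the second list shows the application did not use the same port twice, so a port-based rule alone would not have covered it.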
-----Original Message-----
From: Michael Tench [mailto:[EMAIL PROTECTED]]
Sent: Friday, July 28, 2000 8:12 AM
To: Gijs Wuyts; 'Mike Anning'; [EMAIL PROTECTED]
Subject: RE: [FW1] Napster
Instead of worrying about the ports these programs use (some of these
utilities will use whatever port you have open), I would recommend
changing your security stance. I.e., I do not allow any workstations on my
network to have direct outbound access. I only allow a proxy to have
outbound access through FW1...the proxy can then filter at the application
layer.
Additionally, a security policy should be "deny all except what is required";
that way you are already denying access to various "esoteric" ports.
I know this wasn't what you asked, but believe me...it will save you a lot of
heartache at a later date.
Michael Tench
Yeah, I have a whole lot of alphabet soup after my name too...so what..
certifications mean nothing. Real world knowledge means everything.
On Fri, 28 Jul 2000 13:42:55 +0200, Gijs Wuyts wrote:
>
> First posting, so ignore my level of knowledge...
>
> Are there comprehensive resources regarding ports for exotic applications
> like these?
> Most protocols I can find via ietf, but e.g. I don't think Napster, etc. are
> using ports described via RFCs?
>
> Gijs
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Mike Anning
> Sent: Friday, July 28, 2000 10:31 AM
> To: [EMAIL PROTECTED]
> Subject: [FW1] Napster
>
> So it seems, according to CNN, that the battle is finally won.... but the
> war is far from over!
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================
Michael Tench