On Tue, 16 Sep 2003, Glenn Remot wrote: .. > based on my experiences, and from what others have said regarding kazaa > and the likes, it uses no permanent port. But it in my set-up kazaa will > not work unless i masquerade the client. meaning it will not work > through proxy connections like squid. What's ur set-up? Do ur users use > a proxy server or something? Or are they directly connected to the > internet (masqueraded)?
port-blocking will fail, kazaa uses a lot of ports, and can go through the WWW port. use Snort with p2p rules + perl script (as Mike suggested) or use Cisco NBAR ACL matching. Both these methods do realtime sniffing of the packets to look for Kazaa signatures, regardless of what ports they're riding on. --- Orlando Andico <[EMAIL PROTECTED]> Mosaic Communications, Inc. -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
