Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Access lists for blocking Kazaa

Hi,

I am trying to block users in our network from using Kazaa and similar. I put the following in our perimiter router.

access-list 120 deny tcp 192.x.x.x 0.0.0.255 any eq 1214

access-list 120 deny udp 192.x.x.x 0.0.0.255 any eq 1214

access-list 100 permit ip any any

I want to allow everything else, as the firewall deals with this.

When I viewed the access lists after still being able to access and download files from Kazaa, they were showed as matching. If they were matching, surely they should have been denied. I presume I am missing some other ports that are required. I then added in ports 6346, and 6347, but these showed no matches. I think these are for gnutella.

Any help would be appreciated.

Regards,

Gills

6 REPLIES
Community Member

Re: Access lists for blocking Kazaa

Kazza first trys port 1214. If that port is blocked it starts to connect using "well known ports" like port 23 (telnet) and 80 (www). This makes blocking Kazza difficult. The best solution is a traffic shaping device such as a Packteer (www.packeteer.com)

Bryan

Community Member

Re: Access lists for blocking Kazaa

Thanks for that, I had been thinking about some form of traffic shaping, looks like it is the only way to do it.

Gills

Cisco Employee

Re: Access lists for blocking Kazaa

You can block access to the main Kazaa servers IP addresses, that'll kill the app. There's loads of good information on all file-sharing programs and how to block them here:

http://testweb.oofle.com/filesharing/index.htm

Community Member

Re: Access lists for blocking Kazaa

Thanks for that, I will check it out.

Gills

Community Member

Re: Access lists for blocking Kazaa

You could also impliment something like WebSense. It's expensive to impliment, but it'll get the job done.

RobertG...

Community Member

Re: Access lists for blocking Kazaa

Websense doesn't block them, we have it running with Pix. It only blocks url access to the web sites. We've been trying for weeks to figure this out. We've been testing and sniffing KaZaa Lite and it's a real bear...can't even tell with a sniffer what it's really doing. It just keeps adjusting destinations and changing ports, then appears to go into a real agressive mode of some kind and starts working. ...Cisco IDS is the only thing we've been able to find that will touch it, at least with the current versions of KaZaa and KaZaa lite. We're getting ready to start shunning to the inside.

159
Views
0
Helpful
6
Replies
CreatePlease to create content