Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Blocking of Kazzaa

hi ,

I've been trying to block access to Kazaa . I used and Outbound Deny on port 1214 for both TCP and UDP. I also put in an access list which read ...

access-list 110 deny tcp/udp any any eq 1214 . Also , I was killing any sessions to and from Port 1214 using an ISS IDS . Nothing works, although some of these steps do slow down Kazaa it does not stop it altogether.

I would appreciate any help in this matter.

1 REPLY
New Member

Re: Blocking of Kazzaa

Solution 1:

block all incoming TCP connections but the really needed ones

Problem with Solution 1:

Um. That doesn't work for kazaa (fasttrack), gnutella, etc.

These apps will detect if they're firewalled, and if two peers want

to talk to eachother where one side is firewalled, the connection

will always be initiated by the firewalled one.

(And for public networks, every port is "needed" if you ask the users.)

instead of blocking port 1214, ... you may want to use QoS feature

on router or ... to limit the bandwidth to a few kbps. The reason behind the second point is to fool the users. Some traffic is going anyway, so, they will not try other ports but the default.

This would fool the clueLESS ones. It might hold the clueful ones at

bay for a few weeks, until they realize "Hey, that's strange, I'm

consistently getting N times the bandwidth when I leach 1337 stuff

on IRC or via FTP.", at which point the worst bandwidth hogs _will_

move on to other protocols, or maybe start fiddling with their port

number settings... and tell all their friends.

Read this:

http://helpdesk.gwu.edu/helpdesk/whatsnew/fall02/kazaa.100902.html

"Kazaa v2 is bypassing all our controls! Argh!"

And then take into account "helpful" sites like this one I found

right away when googling for "get around bandwidth limits kazaa":

http://www.dslreports.com/forum/remark,4481903~root=campus~mode=flat

"Have you tried:

Socks2Http - Tool to bypass firewalls and proxys that may be

blocking KaZaA.

Socks2HTTP is an agent converting SOCKS v.5 requests into HTTP requests

and tunneling them through HTTP proxy. [...]"

(And now I'm making it even easier to find when this gets added to the

web archives. *sigh*)

dlabbadia

92
Views
0
Helpful
1
Replies