Register a domain and help support LQ
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 02-12-2003, 05:40 AM   #1
LQ Newbie
Registered: Dec 2002
Location: Norway
Distribution: Debian Sid
Posts: 7

Rep: Reputation: 0
Block Kazaa2 traffic

Has anyone a good solution for blocking kazaa2 outgoing and incoming traffic? I find it very difficult since the kazaa now search for open ports and it can even use port 80.
Old 02-12-2003, 10:59 PM   #2
Registered: Feb 2003
Location: god's judge
Posts: 376

Rep: Reputation: 30
You're probably going to be look at something like packet shaping. It's own problems entailed.
Old 03-12-2003, 01:18 PM   #3
Senior Member
Registered: Feb 2003
Location: The Real Washington
Distribution: Debian, Android
Posts: 1,819

Rep: Reputation: 46
If you are the administrator, which it sound like you are, you could tell the person that Kazaa traffic is prohibited. If the person continues, write a rule in iptables to block the person from the web by ip address. Other than that, I think kazaa has become too smart for us. Good luck.
Old 03-12-2003, 10:34 PM   #4
Registered: May 2001
Posts: 28,899
Blog Entries: 55

Rep: Reputation: 3357Reputation: 3357Reputation: 3357Reputation: 3357Reputation: 3357Reputation: 3357Reputation: 3357Reputation: 3357Reputation: 3357Reputation: 3357Reputation: 3357
To support blocking I found (can't remember where tho) this Snort rule somewhere. Seems KaZaAv2 first does some UPD packeting out:
alert udp $HOME_NET 1109 -> $EXTERNAL_NET any (msg:"MISC UDP KaZaA v2 traffic"; content:"KaZaA"; classtype: misc-traffic; sidick_one; rev:1)
If it doesn't get response, then it'll scan other ports to find an open one for outgoing connections. If you're running a simple Snort contrib like Guardian it shouldn't be hard to generate a blocking rule.
Old 03-13-2003, 04:53 AM   #5
LQ Newbie
Registered: Dec 2002
Location: Norway
Distribution: Debian Sid
Posts: 7

Original Poster
Rep: Reputation: 0
Thanks, I'll take a look at Snort or Guardian.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
possible to block msn traffic? flamesrock Linux - Software 3 05-26-2005 10:10 PM
Block outgoing traffic through router? Micro420 Linux - Networking 3 03-15-2005 08:01 AM
How can block my SMTP Traffic? krishnakishore Linux - Networking 3 06-19-2004 08:49 AM
iptables : how do I block inbound traffic from one ip address only? Apollo77 Linux - Security 7 03-22-2004 11:22 AM
Setting ip tables to block all traffic LinuxBAH Linux - Security 1 02-07-2004 07:15 AM

All times are GMT -5. The time now is 10:24 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration