As i earlier asked about network setup, you gotta give us the idea/layout of your network atleast. How does exactly your clients(specially the one running kazaa) get connected to internet ??
Do you use squid or any other proxy server in b/w ???
Quote:
Originally Posted by rohit_acl
but i hv truly no idea as to how block the Kazaa software ..
|
There are many ways you can look into for blocking kazaa, starting from
* Using SQUID (as a proxy server wont let you establish a peer to peer connection; afaik)
* You should dump the packets when you see the initial communication of kazaa to its server & any peer.. This may help in blocking it with iptables.
* I have heard that you can use
Code:
-m string --string "X-Kazaa-Username:" -j DROP
-m string --string "X-Kazaa-Network:" -j DROP
-m string --string "X-Kazaa-IP:" -j DROP
-m string --string "X-Kazaa-SupernodeIP:" -j DROP
But you got to specify them at FORWARD (if you are not NATing packets)
* The best would be using domain policies as anyhow if any user can download & install kazaa at its desktop.. ITs even a bigger threat to your security.
* The modest of them all is that you should let your users know that this is not as per the corporate policy of your company & you should avoid doing the practice of using these p2p programs. Make them understand that this brings so many security flaws to their company & their desktops.