LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-21-2003, 02:41 PM   #1
lorddecker
LQ Newbie
 
Registered: Aug 2003
Posts: 9

Rep: Reputation: 0
Talking Blocking Kazaa with iptables


Hey guys, I just found these forumns, and all i can say is WOW! I'm used to car forums like this, but finally i found a linux one!

anyway, on to the question!

I'm a admin for a company and were trying to block kazaa. I've tried blocking its ports, but it keeps shifting its ports that it uses. Its really smart program. Anyway, i did a ethereal dump and noticed that the header of the login packet begins with "KaZaa" or something like it. Isn't there a stateful packet checking in iptables that'll allow you to search for strings and then just drop the packet?

Could someone throw up some code or point me in the right direction? thankx!
 
Old 08-21-2003, 03:30 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594Reputation: 3594
Welcome to LQ.

I'm a admin for a company
...and even if you're not an admin you should have done two things in advance:
- Set up or adapt your companies' network policies to explicitly deny P2P usage and connections to P2P networks. If you don't do this then it will take just another hole in the policy, another codehead and another app 'til your bandwidth drops again. It also gives you something to enforce, which else will only be done at random or only when detected.
- Read up on filtering: Netfilter *does* include (still experimental?) string match support. If that ain't what you're looking for, see Snort(.org) for Snort ("X-Kazaa" P2P rules) + Guardian (gives Snort Netfilter blocking caps) or (Google for) the LARTC site for bandwidth shaping.

Btw, since this is your first post here it would be good to mention you can also search LQ for the term kazaa+block.
Kinda neat, innit.

Last edited by unSpawn; 08-21-2003 at 03:31 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
blocking an IP using iptables picox Linux - Security 7 12-10-2010 02:00 PM
iptables kazaa port forward Lsi Linux - Security 3 05-14-2004 10:44 PM
Blocking Traffic on a specific port (kazaa) GratePayne Linux - Security 4 05-09-2004 09:10 AM
opening kazaa and paltalk port in iptables orko Linux - Networking 15 12-02-2003 12:25 PM
Blocking Kazaa with Iptables, Anyone? markng Linux - Security 6 06-27-2003 06:35 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:38 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration