If theyre behind a ftp/http proxy you could have a go at extension filtering. If not, from what I read there's no common signature in mp3 files, so filtering tru apps like Snort wouldnt work, but if they're on peer2peer clients you could block those ports. Else you could run an hourly/daily cronjob deleting mp3 files, something should look like
find /home -name *.mp3 -exec rm -f {} \;
but you better move from exec to xargs.
|