Blocking Kazaa

I use BT Satellite and have a small network. ICS is provided by a PC running
XP Pro sitting headless in a corner of a room. The Satellite modem goes into
one NIC on this machine and the network is connected to another NIC via a
switch. Is there an easy way to block the ports Kazaa uses?

In message <bp5ek0$1k9gpi$(E-Mail Removed)>, Kimball K
Kinnison <(E-Mail Removed)> writes
>I use BT Satellite and have a small network. ICS is provided by a PC running
>XP Pro sitting headless in a corner of a room. The Satellite modem goes into
>one NIC on this machine and the network is connected to another NIC via a
>switch. Is there an easy way to block the ports Kazaa uses?
>
>
Yes, enable the XP firewall for the network side NIC on the ICS box and
only tick the protocols you know you need (HTTP, FTP, SMTP, POP etc).

--
Clint

On 15/11/03 5:29 pm, in article 1JwbK7KHKmt$(E-Mail Removed),
"Clint Sharp" <(E-Mail Removed)> wrote:

> In message <bp5ek0$1k9gpi$(E-Mail Removed)>, Kimball K
> Kinnison <(E-Mail Removed)> writes
>> I use BT Satellite and have a small network. ICS is provided by a PC running
>> XP Pro sitting headless in a corner of a room. The Satellite modem goes into
>> one NIC on this machine and the network is connected to another NIC via a
>> switch. Is there an easy way to block the ports Kazaa uses?
>>
>>
> Yes, enable the XP firewall for the network side NIC on the ICS box and
> only tick the protocols you know you need (HTTP, FTP, SMTP, POP etc).

Doh, Kazaa uses HTTP when port blocked so that won't work .

No, there isn't a quick fix to blocking Kazaa - it was written that way.
Some Linux firewalls can stop it, but they are custom jobs. ~there are
specific traffic analysers designed for ISP's/Universities (Packetseeker).

Otherwise its rather tricky !

Its not easy or cheap to do.

In message <BBDC1879.180C8%(E-Mail Removed)>, Graham in Melton
<(E-Mail Removed)> writes
>On 15/11/03 5:29 pm, in article 1JwbK7KHKmt$(E-Mail Removed),
>"Clint Sharp" <(E-Mail Removed)> wrote:
>
>> In message <bp5ek0$1k9gpi$(E-Mail Removed)>, Kimball K
>> Kinnison <(E-Mail Removed)> writes
>>> I use BT Satellite and have a small network. ICS is provided by a PC running
>>> XP Pro sitting headless in a corner of a room. The Satellite modem goes into
>>> one NIC on this machine and the network is connected to another NIC via a
>>> switch. Is there an easy way to block the ports Kazaa uses?
>>>
>>>
>> Yes, enable the XP firewall for the network side NIC on the ICS box and
>> only tick the protocols you know you need (HTTP, FTP, SMTP, POP etc).
>
>Doh, Kazaa uses HTTP when port blocked so that won't work .
>
>No, there isn't a quick fix to blocking Kazaa - it was written that way.
>Some Linux firewalls can stop it, but they are custom jobs. ~there are
>specific traffic analysers designed for ISP's/Universities (Packetseeker).
>
>Otherwise its rather tricky !
>
>Its not easy or cheap to do.
>
Bugger, I assumed it still worked the way filesharing networks used to,
fixed ports etc.. (Note to self, write out a thousand times, Always
assume your assumptions are wrong..)

A quick ethereal session shows that Kazaa Lite uses UDP packets
containing the string 'KaZaA' to initiate a connection, it might be
possible to stop Kazaa from establishing a connection at all if you
could filter based on outgoing packet content, but it could be smart
enough to modify this behaviour as well!
Take a look at http://oofle.com/filesharing.php where you'll find a
partial solution (Kazaa connects but downloads fail) for iptables
firewalls.

Googling around shows this is a big problem and there are several
partial solutions but they would all require you to have a reasonable
knowledge of IPtables which is not, to say the least, easy to hit the
ground running with.
--
Clint

i aint a netowrk boff or anything, but i use zonealarm on my pc, and i have
it set to ask if i will allow access to kazaa for the internet, can you do
something similar?

"Clint Sharp" <(E-Mail Removed)> wrote in message
news:Jg6EgxUtUot$(E-Mail Removed)...
> In message <BBDC1879.180C8%(E-Mail Removed)>, Graham in Melton
> <(E-Mail Removed)> writes
> >On 15/11/03 5:29 pm, in article 1JwbK7KHKmt$(E-Mail Removed),
> >"Clint Sharp" <(E-Mail Removed)> wrote:
> >
> >> In message <bp5ek0$1k9gpi$(E-Mail Removed)>, Kimball K
> >> Kinnison <(E-Mail Removed)> writes
> >>> I use BT Satellite and have a small network. ICS is provided by a PC
running
> >>> XP Pro sitting headless in a corner of a room. The Satellite modem
goes into
> >>> one NIC on this machine and the network is connected to another NIC
via a
> >>> switch. Is there an easy way to block the ports Kazaa uses?
> >>>
> >>>
> >> Yes, enable the XP firewall for the network side NIC on the ICS box and
> >> only tick the protocols you know you need (HTTP, FTP, SMTP, POP etc).
> >
> >Doh, Kazaa uses HTTP when port blocked so that won't work .
> >
> >No, there isn't a quick fix to blocking Kazaa - it was written that way.
> >Some Linux firewalls can stop it, but they are custom jobs. ~there are
> >specific traffic analysers designed for ISP's/Universities
(Packetseeker).
> >
> >Otherwise its rather tricky !
> >
> >Its not easy or cheap to do.
> >
> Bugger, I assumed it still worked the way filesharing networks used to,
> fixed ports etc.. (Note to self, write out a thousand times, Always
> assume your assumptions are wrong..)
>
> A quick ethereal session shows that Kazaa Lite uses UDP packets
> containing the string 'KaZaA' to initiate a connection, it might be
> possible to stop Kazaa from establishing a connection at all if you
> could filter based on outgoing packet content, but it could be smart
> enough to modify this behaviour as well!
> Take a look at http://oofle.com/filesharing.php where you'll find a
> partial solution (Kazaa connects but downloads fail) for iptables
> firewalls.
>
> Googling around shows this is a big problem and there are several
> partial solutions but they would all require you to have a reasonable
> knowledge of IPtables which is not, to say the least, easy to hit the
> ground running with.
> --
> Clint

On Sun, 16 Nov 2003 14:00:49 +0000 (UTC) and in article <bp7vug$9lg$1
@titan.btinternet.com>, Stuart Turrell said...
: i aint a netowrk boff or anything, but i use zonealarm on my pc, and i have
: it set to ask if i will allow access to kazaa for the internet, can you do
: something similar?

This is a erroneous answer really. The OP was asking for a server way
to block Kazaa - not client side. Server side Kazaa is *very* hard to
restrict. Even our university cannot manage it (and they block as much
as they can!).

--
chris

chris wrote:

> On Sun, 16 Nov 2003 14:00:49 +0000 (UTC) and in article <bp7vug$9lg$1
> @titan.btinternet.com>, Stuart Turrell said...
> : i aint a netowrk boff or anything, but i use zonealarm on my pc, and i
> : have it set to ask if i will allow access to kazaa for the internet, can
> : you do something similar?
>
> This is a erroneous answer really. The OP was asking for a server way
> to block Kazaa - not client side. Server side Kazaa is *very* hard to
> restrict. Even our university cannot manage it (and they block as much
> as they can!).
>
Depends on how much you want to spend ,have a look at
WWW.packeteer.com .They can block kaaza etc but they are extreamely
expensive £2k for 512kb.
There was an open source project to do much the same , and there was a
windows version unfortunately I cant remember the name of the thing .

You could try blocking via a proxy server on the xpbox the websites that
they go to it would not be totally effective but would help.
--
Outgoings certified Microsoft free
Checked with Suse 9

On 16/11/03 6:31 pm, in article MPG.1a21d2e49ed3746e989bae@195.8.68.209,
"chris" <(E-Mail Removed)> wrote:

> Even our university cannot manage it (and they block as much
> as they can!).

Then they don't know what they are doing !

Buy a Packeteer Box with Level 7 ISO model inline analysis and kill all
P2P's dead - some Universities have already implemented it to avoid the
unfortunate traffic levels.

On Sun, 16 Nov 2003 20:19:01 +0000 and in article <BBDD8C35.181BB%
(E-Mail Removed)>, Graham in Melton said...
: On 16/11/03 6:31 pm, in article MPG.1a21d2e49ed3746e989bae@195.8.68.209,
: "chris" <(E-Mail Removed)> wrote:
:
: > Even our university cannot manage it (and they block as much
: > as they can!).
:
: Then they don't know what they are doing !

Well, it is Nottingham University so you would have thought they _would_
know what they're doing - but I am open to reason :-)

: Buy a Packeteer Box with Level 7 ISO model inline analysis and kill all
: P2P's dead - some Universities have already implemented it to avoid the
: unfortunate traffic levels.

How much would that cost out of interest?

--
chris

Graham in Melton <(E-Mail Removed)> wrote in message news:<BBDD8C35.181BB%(E-Mail Removed)>...
> On 16/11/03 6:31 pm, in article MPG.1a21d2e49ed3746e989bae@195.8.68.209,
> "chris" <(E-Mail Removed)> wrote:
>
> > Even our university cannot manage it (and they block as much
> > as they can!).
>
> Then they don't know what they are doing !
>
> Buy a Packeteer Box with Level 7 ISO model inline analysis and kill all
> P2P's dead - some Universities have already implemented it to avoid the
> unfortunate traffic levels.


Hey,

There are cheap solutions on the internet that don't have you dealing
with net traffic, port blocking, ip tables etc.

Our product Browse Control does just this and allows you to BLOCK ANY
APPLICATION not just kazaa at the windows level, before it even
accesses the internet. It is cheap and easy to use too (25£ for
single license etc).

check out details at:
http://www.browsecontrol.com

more pricing at:
http://www.browsecontrol.com/order.htm

I think it will accomplish what you are looking for

Regards,
~Rishi Lukka