I need help blocking music swapping services (by port numbers?)
Dave Hansen
Of course I'm assuming that simple port blocking will do this for now.
I can find some Napster & Kazaa info but not anything all-inclusive.
Thanks in advance.
Dave
Mike
"Dave Hansen" <da...@unidave.com> wrote in message
news:8dcd1f1b.03091...@posting.google.com...
> Does there exist a resource that lists up-to-date file sharing ports?
> Of course I'm assuming that simple port blocking will do this for now.
I don't know of a list but I'm sure others will be along soon...
Meanwhile don't forget that some if not all of these programs can tunnel
through HTTP so you may want to consider a multi-pronged attack by also
blocking the domains and protocols if your firewall permits.
Geoff
I'm not an expert on this but my inclination is that blocking by Port No is
entirely the wrong strategy.
Whilst there may be only half a dozen of the most popular p2p programs you'd
like to block there are AFAIK over 60 such programs in fairly common usage
and more applications are appearing all the time. Each of these programs may
have it's own default port configuration but (the programs I know) are very
simply customizable so that ISP port-blocking is easily circumvented. eg: I
believe it fairly common to change the p2p application setting to feed off
port 21....
Why do you want to block this anyway ? If you're in the work environment why
not simply make it a dismissible offence to be caught with p2p software on
the PC and than make overt ad hoc checks to put the frighteners on
employees. Maybe not the technical solution you're after but simple, not
time-consuming, and effective nevertheless. BTW, I heard on Monday that BAE
Systems in the UK suspended 22 employees for having inappropriate content on
PC. Not that they were all p2p'ing but noone but a fool will now :)
Geoff
donut
news:8dcd1f1b.03091...@posting.google.com:
> Does there exist a resource that lists up-to-date file sharing ports?
> Of course I'm assuming that simple port blocking will do this for now.
>
> I can find some Napster & Kazaa info but not anything all-inclusive.
Kazaa will use any port beginning at 1000 or so, and will climb upwards
until it finds one open. Not a good plan.
Beoweolf
numbers can be easily re-assigned, if you block "xxxxxx" the service or the
user can simply configure another port.
Editorial: The reason the Music companies are attempting to trtansfer
prosecution, detection and enforcment to ISP's. Network administrator or
consumers is based on this exact feature of peer-to-peer connections. So you
spend your time and resources in service to an unpaid client. After gouging
their customers for the last 20 years, since LP albums...used to be less
than $7 - $10, to CD's which, until recently, were double that price.What's
with all albums being the same price? Less popular titles should sell for
lower prices, right? But that's the way it is..take it or leave it. Now they
want you to feel guilty and do their job for them. People are willing to pay
a reasonable price for a product, when a large number of people, especially
the "target" consumer, teens to younge adults, are unwilling to pay a high
price for an essentially discretionary product. You need to change your
pricing strategy.
"Dave Hansen" <da...@unidave.com> wrote in message
news:8dcd1f1b.03091...@posting.google.com...
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.516 / Virus Database: 313 - Release Date: 9/1/2003
Beoweolf
of your browser?
input "port numbers"...the most authoritative was IANA, last updated
8-28-03.
Napster is mostly a non-player at thsi point. The proliferation of services
will make it even harder to define what is or isn't an illegal file-sharing
service.
http://www.iana.org/assignments/port-numbers
kazaa 1214/tcp KAZAA
gnutella-svc 6346/tcp gnutella-svc
"Dave Hansen" <da...@unidave.com> wrote in message
news:8dcd1f1b.03091...@posting.google.com...
MyndPhlyp
"Beoweolf" <Beow...@pacbell.net> wrote in message
news:l%j8b.3614$oA5....@newssvr25.news.prodigy.com...
>
> Editorial: The reason the Music companies are attempting to trtansfer
> prosecution, detection and enforcment to ISP's. Network administrator or
> consumers is based on this exact feature of peer-to-peer connections. So
you
> spend your time and resources in service to an unpaid client. After
gouging
> their customers for the last 20 years, since LP albums...used to be less
> than $7 - $10, to CD's which, until recently, were double that
price.What's
> with all albums being the same price? Less popular titles should sell for
> lower prices, right? But that's the way it is..take it or leave it. Now
they
> want you to feel guilty and do their job for them. People are willing to
pay
> a reasonable price for a product, when a large number of people,
especially
> the "target" consumer, teens to younge adults, are unwilling to pay a high
> price for an essentially discretionary product. You need to change your
> pricing strategy.
If you go back to the advent of music on CDs, one of the planks in the
advertising platform was that the cost to the consumer would go DOWN over
time as CDs receive widespread acceptance.
Of course, I believed that one just as much as I believed the advertising
behind nuclear power - "to cheap to meter."
Now the song and dance (no pun intended) is that the prices must go up in
order to make up for the losses from pirated tunes. I suspect the true
reason is that corporations are in a panic trying to improve the bottom line
without affecting management's salaries, options and perks.
Dave Hansen
efforts- :-)
Thank you for these, I do have this IANA list but I didn't want to
assume the authors were going to stick to this - I would have expected
them to "move around" a lot. Recently heard of something called
Limeware it's using ranges of ports in the 6xxx, 7xxx and 8xxx range
and it's not listed in the IANA document.
Anyway, thank you.
Dave
"Beoweolf" <Beow...@pacbell.net> wrote in message news:<z8k8b.3644$zF5....@newssvr25.news.prodigy.com>...
Beoweolf
of assistance you were seeking. Your message only seemed to ask if there
were a comprehensive, up to date list....which was provided, and a
suggestion as to how you could duplicate the search and find additional,
possibly more detailed info.
Dave Hansen
"Geoff" <nos...@nospam.com> wrote in message news:<3f612854$0$252$fa0f...@lovejoy.zen.co.uk>...
Eagle29 <>
@posting.google.com>, da...@unidave.com says...
Firewall should be set to block ALL ports incoming and
outgoing by default.
If there is an internal http proxy, no one needs
internet access for http or https because they will get
web access via the proxy server.
If there is an internal email server, then no one needs
internet access through the firewall because all email
will be coming from the internal server.
The same applies for time server access via ntp if
there is an internal time server, an internal news
server via nntp etc.
If all ports at the firewall are -blocked- by default,
no one will be able to use the file sharing services.
Only the servers (http proxy, dns proxy, email, ntp,
ftp etc) should be allowed specific access to the
internet via the firewall and only for the specific
ports that server uses.
Everyone else accesses the internet via the servers.
Using policies and registry settings, you can even
prevent people from downloading any files from any
websites they visit.
Here is an excellent article which explains it all
quite well, in my opinion.
http://www.theinquirer.net/?article=11466
--
Oscar Ayala
Eagle28 at swbell dot net
(Replace at with @ and dot with . and remove spaces)
Rishi Lukka RL@codework.com
If you are hoping to block access to any applications you can use
software which we've made, it's called Browse Control. It does work
on the client side. Basically allows you to set a list of Applications
which you wish to Block e.g. KazAa to the client. It actually looks
at the internal windows name of the application which the user is
trying to run..so even if they rename it they cannot cheat the system.
You can download it from:
http://www.codework.com/bcontrol/features.htm
Hope that helps!
~Rishi
da...@unidave.com (Dave Hansen) wrote in message news:<8dcd1f1b.03091...@posting.google.com>...