Access lists for blocking Kazaa

gills
Level 1

Hi,

I am trying to block users in our network from using Kazaa and similar. I put the following in our perimeter router.

access-list 120 remark Deny Kazaa default port 1214 from the internal subnet, allow everything else
access-list 120 deny tcp 192.x.x.x 0.0.0.255 any eq 1214
access-list 120 deny udp 192.x.x.x 0.0.0.255 any eq 1214
access-list 120 permit ip any any

I want to allow everything else, as the firewall deals with this.

When I viewed the access lists after still being able to access and download files from Kazaa, they were shown as matching. If they were matching, surely they should have been denied. I presume I am missing some other ports that are required. I then added in ports 6346 and 6347, but these showed no matches. I think these are for Gnutella.

Any help would be appreciated.

Regards,

Gills

6 Replies

bhaase
Level 1

Kazaa first tries port 1214. If that port is blocked it starts to connect using "well known ports" like port 23 (telnet) and 80 (www). This makes blocking Kazaa difficult. The best solution is a traffic shaping device such as a Packeteer (www.packeteer.com).

Bryan

Thanks for that, I had been thinking about some form of traffic shaping, looks like it is the only way to do it.

Gills

You can block access to the main Kazaa servers IP addresses, that'll kill the app. There's loads of good information on all file-sharing programs and how to block them here:

http://testweb.oofle.com/filesharing/index.htm

Thanks for that, I will check it out.

Gills

You could also implement something like WebSense. It's expensive to implement, but it'll get the job done.

RobertG...

Websense doesn't block them, we have it running with Pix. It only blocks URL access to the web sites. We've been trying for weeks to figure this out. We've been testing and sniffing KaZaa Lite and it's a real bear... can't even tell with a sniffer what it's really doing. It just keeps adjusting destinations and changing ports, then appears to go into a real aggressive mode of some kind and starts working. ... Cisco IDS is the only thing we've been able to find that will touch it, at least with the current versions of KaZaa and KaZaa Lite. We're getting ready to start shunning to the inside.
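As an added example that is not part of this thread, a short Python check that turns the behaviour Bryan describes (try 1214 first, fall back to 23 or 80 when it is denied) into a detection you can run over the router's own logs. It assumes `log` was appended to the ACL 120 entries so the router emits %SEC-6-IPACCESSLOGP messages, and it flags an internal host that is denied to a peer on 1214 and then permitted to the same peer on a fallback port shortly afterwards; the sample log lines are constructed and the message layout is assumed from typical IOS syslog output.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Cisco IOS "%SEC-6-IPACCESSLOGP" syslog lines, emitted when "log" is appended
# to an access-list entry (field layout assumed from typical IOS output).
ACL_LOG = re.compile(
    r"(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}).*?"
    r"list (?P<acl>\d+) (?P<action>denied|permitted) (?P<proto>tcp|udp) "
    r"(?P<src>[\d.]+)\(\d+\) -> (?P<dst>[\d.]+)\((?P<dport>\d+)\)"
)
KAZAA_PORT = 1214          # Kazaa's default port, the one the ACL denies
FALLBACK_PORTS = {23, 80}  # "well known" ports Kazaa retries when 1214 is blocked
# Constructed sample lines for this example (not captured from a real router).
SAMPLE_LOG = """\
Mar 12 10:15:01: %SEC-6-IPACCESSLOGP: list 120 denied tcp 192.0.2.25(3311) -> 198.51.100.7(1214), 1 packet
Mar 12 10:15:03: %SEC-6-IPACCESSLOGP: list 120 permitted tcp 192.0.2.25(3312) -> 198.51.100.7(80), 1 packet
Mar 12 10:15:09: %SEC-6-IPACCESSLOGP: list 120 permitted tcp 192.0.2.40(4001) -> 203.0.113.5(80), 1 packet
Mar 12 10:16:30: %SEC-6-IPACCESSLOGP: list 120 denied udp 192.0.2.25(3313) -> 203.0.113.9(1214), 1 packet
Mar 12 10:30:00: %SEC-6-IPACCESSLOGP: list 120 permitted tcp 192.0.2.25(3314) -> 203.0.113.9(23), 1 packet
""".splitlines()


def parse_acl_log(line, year=2003):
    """Parse one ACL log line into a dict, or return None for any other line."""
    m = ACL_LOG.search(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S").replace(year=year)
    return {"ts": ts, "action": m["action"], "src": m["src"],
            "dst": m["dst"], "dport": int(m["dport"])}


def find_port_fallbacks(lines, window_minutes=5):
    """Return (src, dst, port) triples where src was denied to dst on 1214 and,
    within the window, was then permitted to the *same* dst on a fallback port."""
    window = timedelta(minutes=window_minutes)
    denied_at = defaultdict(list)   # (src, dst) -> timestamps of 1214 denies
    hits = []
    for line in lines:
        ev = parse_acl_log(line)
        if ev is None:
            continue
        key = (ev["src"], ev["dst"])
        if ev["action"] == "denied" and ev["dport"] == KAZAA_PORT:
            denied_at[key].append(ev["ts"])
        elif ev["action"] == "permitted" and ev["dport"] in FALLBACK_PORTS:
            # Ordinary browsing never starts with a 1214 attempt, so it is not flagged.
            if any(timedelta(0) <= ev["ts"] - t <= window for t in denied_at[key]):
                hits.append((ev["src"], ev["dst"], ev["dport"]))
    return hits
```

Hosts that keep showing up here are candidates for the per-host shunning or traffic shaping discussed above, rather than for more port-based ACL entries.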