|
Posted by Bas Keur on January 15, 2005, 10:28 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> I'm looking for the port ranges for the WAREZ P2P client so I can disable
> them up/down.
drop TCP 6345 <> 6349
BUT.... this won't solve your problem. It does however help you
in the sense that whoever is P2P'ing after that is clearly breaking
your `zero tolerance` traffic rule. (You need to have one)
Why ?
Todays P2P clients will do anything to reach the net, it will even
leave the network over port 80 if it can't make a connection to the
internet, how rude :)
While i know the benifit of proxy's, i refuse to implant one just to stop
P2P traffic.
(Unless you have a $$$ layer 7 appliance firewall with an IDS module in it)
I suggest you inform (crack some skulls) the people on your lan not to use
P2P
on the LAN if they know whats good for them :)
(You can spot P2P pretty well with snort www.snort.org)
--
] Bas Keur
] `Energizer Bunny arrested, charged with battery`
| 
XML site map