RE: Firewall Client Problem

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 12 May 2004 12:46:54 -0500

Hi CyberQuest,

The problem with blocking P2P apps, like the dreaded Kazaa, is that they
use methods to scan the firewall and find an available port. They will
use a default port, but if that default port is not available, then it
will use an alternate port. Kazaa will end up using TCP 80 if it can't
access any other port. This makes it very difficult to whack Kazaa like
apps because if they use an alternate port, other than TCP 80, you have
to perform deep inspection of every packet going outbound through the
firewall. There are products that do just this, like the Akonix L7 for
ISA Server solution.

On the other hand, if you restrict your users to just TCP 80 and use ISA
Server 2004 advanced HTTP security filter, you can check the HTTP
headers and block the connections that contain the P2P headers. I've
done this already with ISA Server 2004 and it works a treat! The
drawback is the users who you want to block in this way must be
restricted to HTTP *only*.

HTH,
Tom

Thomas W Shinder
www.isaserver.org/shinder
ISA 2004 Beta - Get it now!
http://www.microsoft.com/isaserver/beta/default.asp
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp


-----Original Message-----
From: Cyber quest [mailto:cyberquests@xxxxxxxxxxx] 
Sent: Wednesday, May 12, 2004 6:35 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Firewall Client Problem


http://www.ISAserver.org

Well
 At last u got my point   yeah u can say i aam  an ISP

 but isnt there any method using ISA to block these softwares 
i mean  cant  i block all these acceletors and  p2p softwares ?



Help STOP spam with the new MSN 8 and get 2 months FREE*
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 05-2004