Re: [suse-security] Blocking Kazaa and other P2P communication tools.

From: Ray Leach (raymondlknowledgefactory.co.za)
Date: Tue Aug 19 2003 - 10:47:01 CDT


On Tue, 2003-08-19 at 17:33, Robert Davies wrote:
> On Tuesday 19 Aug 2003 15:29, James Oakley wrote:
>
> > Aha, you just reminded me of the string matching module. A bit of Googling
> > returned this:
> >
> > iptables -m string --string "X-Kazaa-Username:" -j DROP
> > iptables -m string --string "X-Kazaa-Network:" -j DROP
> > iptables -m string --string "X-Kazaa-IP:" -j DROP
> > iptables -m string --string "X-Kazaa-SupernodeIP:" -j DROP
>
> How efficient is that, does it hit throughput badly? Is the firewall looking
> inside every packet, scanning for those 4 strings? Would it take out other
> packets, like your email which happened to contain the strings in them?
>
Depends which chain you add it to.

> Rob
--
Raymond Leach <raymondlknowledgefactory.co.za>
Network Support Specialist
http://www.knowledgefactory.co.za
"lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import"
Key fingerprint = 7209 A695 9EE0 E971 A9AD 00EE 8757 EE47 F06F FB28
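
Added example, not part of the original message or thread: a dry-run script that confines the four string matches quoted above to one user-defined chain reached only by forwarded TCP traffic, with mail ports returned before any payload scan. The chain name `P2P_STRINGS`, the choice of the FORWARD hook and the exempted ports 25/110/143 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). By default every command is only
# printed; run with RUN= (empty) as root to apply the rules for real.
RUN=${RUN-echo}
CHAIN=P2P_STRINGS          # assumed chain name, not from the thread

kazaa_rules() {
    # One dedicated chain keeps the payload scan out of INPUT and OUTPUT.
    $RUN iptables -N "$CHAIN"

    # Relayed mail (SMTP, POP3, IMAP) leaves the chain before any string
    # match, so a message that merely quotes the headers is not dropped.
    # Mail read over HTTP is not covered by this exemption.
    for port in 25 110 143; do
        $RUN iptables -A "$CHAIN" -p tcp --dport "$port" -j RETURN
        $RUN iptables -A "$CHAIN" -p tcp --sport "$port" -j RETURN
    done

    # The four header strings quoted in the thread. "--algo bm" is required
    # by the string match in current kernels; the 2003-era patch-o-matic
    # module the thread refers to took no such option.
    for hdr in X-Kazaa-Username: X-Kazaa-Network: X-Kazaa-IP: X-Kazaa-SupernodeIP:; do
        $RUN iptables -A "$CHAIN" -m string --string "$hdr" --algo bm -j DROP
    done

    # Hook the chain last: only forwarded TCP packets pay the scan cost.
    $RUN iptables -A FORWARD -p tcp -j "$CHAIN"
}

kazaa_rules
```
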