How to block Kazaa; NIS authentication
Pedro Fernandes Macedo
webmaster at margo.bijoux.nom.br
Wed May 5 20:54:55 UTC 2004
Artur Sampaio wrote:
>Hi again, guys.
>I found a set of iptables rules that (at least in theory) block kazaa...
>What do you think about?
>
>/sbin/iptables -A INSPECT -p TCP -m string --string "X-Kazaa-Username:"
>-j
>INSDROP
>/sbin/iptables -A INSPECT -p TCP -m string --string "X-Kazaa-Network:"
>-j
>INSDROP
>/sbin/iptables -A INSPECT -p TCP -m string --string
>"X-Kazaa-SupernodeIP:" -j
>INSDROP
>
>Thanks a lot, one more time
>
>(and, one more time, sorry for my english.... I promess that i try to
>enhance it)
>:)
>
>
Arthur,
looks like this rule may work. But you have to do some tests to see.. I
suggest using Ethereal on the machine which shares the connection. Then
look for data containing these strings.. If they really exist in the
traffic , then they may work (never tested rules like those before , but
if all the options are on man and these strings are really sent by
kazaa, then they'll work)
But a little warning... try to sniff the network when you have traffic
coming only from the w2k machine.. This will reduce the size of the
capture log and make your job easier... Also I suggest you to save this
dump to a faster machine and analyze it there....
--
Pedro Macedo
More information about the users
mailing list