How to block Kazaa; NIS authentication

Yang Xiao yxiao at ohpp.com
Wed May 5 19:41:41 UTC 2004


Hi,
It's a funny way of doing it, but here it is.
Assuming you have control of the DNS server your users are using, usually
obtained by DHCP, you can setup an empty authoritative zone for kazaa.com so
that it resolves to nothing, done, won't even bother your firewall.
Yang

-----Original Message-----
From: jludwig [mailto:wralphie at comcast.net] 
Sent: Wednesday, May 05, 2004 3:40 PM
To: For users of Fedora Core releases
Subject: Re: How to block Kazaa; NIS authentication

On Wed, 2004-05-05 at 15:03, Markku Kolkka wrote:
> Artur Sampaio kirjoitti viestissään (lähetysaika keskiviikko, 5. 
> toukokuuta 2004 21:12):
> > 1) The W2k user insist in use kazaa, that was prohibited from
> > enterprise's owner.....I wish to block the port of kazaa on
> > the server (iptables??). someone knows how?
> 
> http://www.linuxjournal.com/article.php?sid=6945
> 
> -- 
> 	Markku Kolkka
> 	markku.kolkka at iki.fi
Blocking a port with iptables is rather trivial. A couple of examples.

$IPTABLES -A INPUT -p udp --sport 23 -s 0/0 -j LOG --log-prefix \
"Incorrect DNS source"
$IPTABLES -A INPUT -i lo --sport 631 -j ACCEPT
$IPTABLES -A FORWARD -o $EXTIF -p tcp --dport 137 -j DROP
$IPTABLES -A FORWARD -o $EXTIF -p tcp --dport 138 -j DROP
$IPTABLES -A FORWARD -o $EXTIF -p tcp --dport 139 -j DROP

See http://www.linuxguruz.com/iptables/ for more and better information
-- 
jludwig <wralphie at comcast.net>


-- 
fedora-list mailing list
fedora-list at redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list





More information about the fedora-list mailing list