Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 370
  • Last Modified:

Block Windows Media Player in Firewall

Running a proxy server for my company LAN, trying to lock down some unruly users.  I've found the port to close to keep RealAudio from connecting, but WMP is like a cockroach.  If I block port 1755, WMP shifts to HTTP streaming if available.  Other than completely blocking access to the site, (high maintenance), does anybody know of a way to keep WMP from connecting?
0
Fonnie
Asked:
Fonnie
  • 2
  • 2
  • 2
  • +1
1 Solution
 
jhanceCommented:
RealAudio can work over HTTP just like WMP can so I think you're going to find that you really can't block either one without blocking entire sites or the HTTP protocol itself.

How about a company policy statement issued by your management that says:

"Use of streaming audio players, including but not limited to RealAudio and Windows Media Player, from company computers and networks is prohibited.  Any employee found using such applications will be subject to disciplinary action."
0
 
FonnieAuthor Commented:
Company policy statement is already in place.  Hasn't had an effect.  In addition, over the next year we will be reconfiguring the network to bring all users through VPNs and PVCs to the corporate network, then to the Internet.  We won't have the time to watch, and we all know that no user will turn in another.  They don't understand the amount of bandwidth being used.
  Blocking port 554 seems to have turned off RealAudio.  Got the info to try that from Real.Co in their setup instructions for firewalls.
  WMP is
0
 
posivibeCommented:
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
posivibeCommented:
Basically you can't:

Streaming ASF with HTTP
In/Out: TCP on Port 80

0
 
johnsor2Commented:
Blacklist MSFTs download site so they can not reload/ or download, implement login scripts and polocies.

Then use Windows scripting host, KIX32, autouser.batch login file to modify the regristery for each user in a "login script update"
Modify the TCP, UDP ports, or even Disable them to include HTTP: or whatever you what.

HKEY_CURRENT_USER\Software\Microsoft\NetShow\Player\General

Another good one is to add a bad proxy
HKEY_CURRENT_USER\Software\Microsoft\NetShow\Player\Local\   Proxy Host 0.0.0.0


You can not block ports otherwise with WMP unless you can define the ports

Meanwhile test a broken WMP make sure it does not impact the rest of your compnay apps, then implement.

Good Luck

0
 
jhanceCommented:
>Company policy statement is already in place.  Hasn't had an effect.  

OK, so how many employees have been disciplined or terminated for failing to abide by the company's policies on this?

My guess?  Zero!  

Guess how many employees you need to make an example of to get everyone's attention?  One!

Obviously you don't have company management's support for this policy.

You're going to be fighting a lonely and uphill battle without their support.
0
 
FonnieAuthor Commented:
Hadn't occurred to me to change the registry settings.  Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

  • 2
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now