Link to home
Start Free TrialLog in
Avatar of ndroo
ndroo

asked on

Blocking of ports

I need to block certain ports on my network to prevent access to stuff like Kazaa. I am using Prolink 8800 Router. Can anyone show me how to do it? Sorry because I know nuts about networking (well, basic ones) ... Please help. Urgent. My boss is asking me to do it asap :( Else, any better way to block them?
Avatar of deroode
deroode
Flag of Netherlands image

If the Prolink router has some sort of firewalling capability it should be in the adminstrator or user manual. I found a manual on http://www.fida.com/H8800_Manual_PPPoE.doc, but it doesn't mention a firewall.

A better option would perhaps be to get a real firewall, and place it between your router and the rest of the network.
Avatar of ClementeBiondo
ClementeBiondo

Sorry but your router can't act like a firewall.
You can achieve your goal in two ways:.
Doom (quick and dirty): start using nmap in order to monitoring the traffic of the users. Tell the boss who is using kazaa or similar.
A new sheriff in town (it takes more time but it's more effective): buy a Cisco pix 506 deicated firewall or configure a linux server with iptables so you can filter the ip traffic.
Good luck.
Similar to ClementeBiondo's response, use social engineering. It's easy if you have a hub or if you can configure a port on a switch as a monitor port . . . this way you can look at all traffic. Download a internet monitoring package which will list the URL's being visited and post this in a conspicuous place.

I have done this as a consultant for lots of small companies with limited bandwidth who didn't want to get into legal wrangles with employees about what they could or couldn't do on the internet. It indicates that they are being watched without singling anyone out.
Avatar of ndroo

ASKER

deroode, the link doesn't work :(

clemente/stevej, well my boss may consider a firewall sometime in the near future :D where can i obtain some monitoring tools? any freeware? we are using Win2000 Pro.

stevej, u mentioned 'It's easy if you have a hub or if you can configure a port on a switch as a monitor port . . . this way you can look at all traffic. Download a internet monitoring package which will list the URL's being visited and post this in a conspicuous place' ... can you show me how i can do this?

thanks everyone ...
Somehow a comma got appended to it. Try it again at:
http://www.fida.com/H8800_Manual_PPPoE.doc

good luck..
ASKER CERTIFIED SOLUTION
Avatar of ClementeBiondo
ClementeBiondo

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of ndroo

ASKER

clementebiondo,

thanks. got the stuff. i see lots of result, but how do i determine who's doing what?
the simplest way consist in monitor one by one all the
ip's of your network in order to see who is doing what
Avatar of ndroo

ASKER

it doesn't show who is using stuff like kazaa. why? hope you don't mind ... i know nuts bout these stuff :(
kazaa clients use port 1214 for incoming connections.
Remember that the smart user can change that port and evade your control.
kazaa clients use port 1214 for incoming connections.
Remember that the smart user can change that port and evade your control.