Solved

Blocking Streaming Media

Posted on 2004-08-09
7
973 Views
Last Modified: 2010-04-09
I have a network of about 30 users and a lot are starting to use Media players to stream Music, sports, etc. We have blown our data useage buy a long shot for the past 2 months and I want to put a stop to it.

Can anyone tell me how to block both Windows Media and Real Player Streams.

If it helps, I have a Netscreen 25 Firewall.

Thanks

Andrew
0
Comment
Question by:andrewharris
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 15

Expert Comment

by:Yan_west
ID: 11758696
You have to block all outgoing traffic to port 1755
Real Media: Port 554

Actually, I would block all port by default, only opening the needed one... 80 for Http, etc.. deny everything first, and open up as needed, this is the better approach.
0
 
LVL 15

Accepted Solution

by:
Yan_west earned 500 total points
ID: 11758736
Oh, and btw, people will  still be able to stream through port 80.. and you need it. Check in for firewall appliance if you can block  Mimes types.. (audio, etc..)

if you cannot, see if somewhere in your firewall config, you can block file extensions.. then you will be able to block all type of audio/video file (*.ram, *.wmv, *.wma, etc..)
0
 
LVL 4

Author Comment

by:andrewharris
ID: 11759288
Hmmm. As I thought...Port 80...The $%^&*( :-)

Gonna leave it open for a while longer to see if there is any other ideas (I doubt it, but just in case).

Andrew
0
Defend Your Organization from The Greatest Threats

Looking to fill the gaps in your security? Bring together information from the network, endpoint and threat intelligence feeds to really see what's happening in your organization. Join the WatchGuardians in their adventures fighting cyber crime!

 
LVL 36

Expert Comment

by:grblades
ID: 11765882
Hi andrewharris,
Does the netscreen support redirecting or validating URL's against a proxy server or blacklist There are various protocols for this such as WCCP.

If it does then you could setup a simple proxy server and configure it to allow/deny particular file types. You could also add on a blacklist to deny sites which only provide video files etc...

Even if it does not provide this functionality you could configure every browser to use the proxy and then only allow the proxy to access the web.
0
 
LVL 4

Author Comment

by:andrewharris
ID: 11768155
grblades,

Not as far as I know. Thanks anyway

Andrew
0
 
LVL 1

Expert Comment

by:amkessler
ID: 11772336
Sonicwall has a Feature called IPS (intrusion Protection Services) that does that and more. It will do reporting and bocking of ay predefind or custom service.  


I know you have a Netscreen, but if you are considering a trade up,  I think Sonicwall has a tradeup program still in effect, I know they did for a while in the spring.  The cost of a 25 user sonicwall Tz 170 with the necessary bells and whistles should be no more that $1700.  The newist firmware even does external wireless AP's and guest services.  A very good thing to look at.
0
 
LVL 4

Author Comment

by:andrewharris
ID: 11829943
OK,

Well no one seems interested. Thanks all.

Andrew
0

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Iptables Centos 6 - Sort Numerically 5 69
Do I need a hardware firewall? 12 94
Using Netsh to enable a firewall for a particular profile 6 108
Firewall blocking images 4 107
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question