Solved

Block BT / Web Radio port

Posted on 2006-11-23
Last Modified: 2012-08-13
I want to apply a rule on my firewall to block / deny BT / eMule / all internet radio traffic. Please advise which port ranges or network ports the related services use.

Thanks
ITITITITITI
Question by:itjackiewong
8 Comments
 
LVL 9

Accepted Solution

by:
olifarago earned 156 total points
ID: 18001926
Hi itjackiewong,

Many programs such as BT have the ability to search out free ports, so although they have default ports, if they are blocked they will dynamically change.

Unless you have a reason not to, perhaps consider running your firewall with a list of accepted services not denied, i.e. block everything and just allow port 80 for web, 21 for ftp, etc.  This way you will have complete control over what services are permitted.

Hope this helps,
Oli
0
 
LVL 8

Assisted Solution

by:charan_jeetsingh
charan_jeetsingh earned 148 total points
ID: 18002971
That's true, and most firewalls have deny-all by default and only the necessary required ports are opened for communication. Anyway... which firewall are you using?
0
 

Author Comment

by:itjackiewong
ID: 18003517
I used a Watchguard FB1100. If I block all by default, how can I allow Skype? Skype is the IM officially allowed in my office.

Thx
ITITITI
0
 
LVL 9

Expert Comment

by:olifarago
ID: 18003537
Hi,

The following article on Skype's website explains the port requirements for Skype use.

http://www.skype.com/help/guides/firewall.html

Regards,
Oli
0
 
LVL 10

Assisted Solution

by:budchawla
budchawla earned 148 total points
ID: 18015079
Hi itjackiewong,

The problem, as Oli mentioned, is that blocking ports is not enough for most apps these days... they are quite good at circumventing SPI firewalls, and can even go over HTTP, which is impossible to block if you want web access.

The solution needs to be a bit more clever than an SPI firewall, needs deep packet inspection and needs to have signature lists that allow it to recognise what the traffic is, regardless of what port it's using. I'm not too sure about the Firebox 1100, but I know that any of the SonicWALLs with the IPS (intrusion prevention) service running will detect the services you mentioned (and a helluva lot more) and enable you to allow/block whichever services you want with a pretty good level of granularity. Would be worth finding out if the Firebox has a similar ability...

For example, a snippet of a signature list from a TZ170:

eMule -- Client Activity Over HTTP      
eMule -- Connection Attempt
eMule -- Connection Attempt (Compressed)
eMule -- Connection Attempt (eMule Plus)
eMule -- Custom Connection Attempt
eMule -- File Download Request
eMule -- File Search (eMule Plus)
eMule -- Known Servers
eMule -- Outbound Server List Request
eMule -- Outbound Server List Request
eMule -- Partial File Receive
eMule -- Partial File Send
eMule -- Partial File Transfer Request
eMule -- Transfer Slot Request
eMule -- User Search
eMule -- User Search_2

and for multimedia traffic:

AOL browser login
AOL Radio -- Connection Attempt
Audio Galaxy -- Keepalive Activity
Icecast -- Playlist Redirection
Icecast -- Streaming Content Delivery
iTunes -- Client Activity
Multimedia Download
Musicmatch -- Connection Attempt
Musicmatch -- Connection Attempt (Jukebox Radio)
Quicktime -- Client Activity
RealMedia -- Client Activity (RMAgent)
SHOUTcast -- Generic Network Traffic
Shoutcast -- Playlist Redirection
Video Download
WinAmp -- Client Activity
WinAmp -- Client Activity
Windows Media -- Audio Download
Windows Media -- Real Time Streaming Connection
Windows Media -- WMServices 9.00 Delivery
XMMS -- Client Activity

HTH?
0
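Added example (not part of any post above, and not SonicWALL or WatchGuard signature content): a small Python model of the two approaches discussed so far, a default-deny port allow-list and an application-aware check on the first payload bytes. The allowed ports 80 and 21 come from the accepted answer; the three signatures are simplified assumptions and the sample flows are constructed.

```python
from dataclasses import dataclass

ALLOWED_TCP_PORTS = {80, 21}  # default-deny: everything else is dropped

@dataclass
class Flow:
    name: str
    dst_port: int
    payload: bytes  # first client-to-server bytes of the connection

def is_edonkey(p: bytes) -> bool:
    # eDonkey/eMule framing: protocol byte, 4-byte little-endian length, opcode.
    return (len(p) >= 6 and p[0] in (0xE3, 0xC5)
            and int.from_bytes(p[1:5], "little") == len(p) - 5)

SIGNATURES = [  # simplified stand-ins for an IPS signature list (assumptions)
    ("BitTorrent handshake", lambda p: p.startswith(b"\x13BitTorrent protocol")),
    ("eMule framing", is_edonkey),
    ("SHOUTcast/Icecast client", lambda p: b"icy-metadata:" in p.lower()),
]

def port_verdict(flow: Flow) -> str:
    """Transport-layer rule only: allow-listed destination port or nothing."""
    return "allow" if flow.dst_port in ALLOWED_TCP_PORTS else "deny"

def app_verdict(flow: Flow) -> str:
    """Port rule first, then payload inspection on whatever the port rule let through."""
    if port_verdict(flow) == "deny":
        return "deny (port)"
    for label, matches in SIGNATURES:
        if matches(flow.payload):
            return f"deny ({label})"
    return "allow"

BT = b"\x13BitTorrent protocol" + bytes(8 + 20 + 20)  # reserved, info_hash, peer_id
EMULE_BODY = b"\x01" + bytes(16)                      # opcode + placeholder data
FLOWS = [  # constructed sample traffic
    Flow("web page", 80, b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    Flow("BT default port", 6881, BT),
    Flow("BT moved to 80", 80, BT),
    Flow("eMule on 80", 80, b"\xe3" + len(EMULE_BODY).to_bytes(4, "little") + EMULE_BODY),
    Flow("radio on 80", 80, b"GET /stream HTTP/1.0\r\nIcy-MetaData: 1\r\n\r\n"),
]

def compare(flows=FLOWS):
    return [(f.name, port_verdict(f), app_verdict(f)) for f in flows]

if __name__ == "__main__":
    for row in compare():
        print("%-16s port-only=%-5s app-aware=%s" % row)
```

The port rule stops the client on its default port but passes the same handshake once it moves to port 80; only the payload check separates it from the ordinary web request.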
 
LVL 13

Assisted Solution

by:hstiles
hstiles earned 148 total points
ID: 18020209
The Gateway AV/IPS for the Firebox is very good at blocking P2P and IM traffic trying to get out over port 80.  Furthermore, the HTTP proxy and web blocker are very powerful.  Using simple port rules is simply not enough to secure outbound web traffic nowadays; you need something application aware rather than something that just operates at the transport layer and below.
0
