Solved

How to block Stream Media,Itunes radio,WIndows Media Player radio, real audio readio, itunes radio

Posted on 2008-10-16
13
7,941 Views
Last Modified: 2011-10-19
we have a T1 and currently have 30 users in it, and we are killing the bandwitdh, what i have found is that some of the users are playing radio, i would like to block all radio or most radio protocols using sonicwall 170 TZ, i know they all come thru port 80 but i cannot block this port because is also being utilize by Web traffic. is there a way i could create a real for port 80 inbound to block certain protocols? please help.

thanks
0
Comment
Question by:Cholo123
13 Comments
 
LVL 1

Expert Comment

by:tkuennen
ID: 22737322
To block iTunes your first need to start with the ports iTunes uses:
Port 3689 TCP
Port 5353 UDP
Blocking these ports on the firewall will stop iTunes streaming.

As for blocking all streaming media you will have to block all ports that the Real Time Streaming Protocol (RTSP) uses. To view the background of RTSP you will want to read the original RFC (2326) from the Internet Engineering Task Force.
http://tools.ietf.org/html/rfc2326
To view a list of the common IP ports you will want to review the common port listing from the Internet Assigned Numbers Authority (IANA)
http://www.iana.org/assignments/port-numbers
0
 
LVL 6

Expert Comment

by:ajeab
ID: 22759877
you can block the site directly. and/or block known extension.  Also, make it a company policy not allow to stream.  When the users know that their job may be on the line, most will stop.
0
 
LVL 7

Expert Comment

by:VCBooth
ID: 22766110
If they are coming through port 80 then you can either block the websites (as ajeab suggests) or, if you have Enhanced O/S and have downloaded the latest firmware then you can create an Application Firewall Rule for HTTP to block it.

Latest version has a wizard that should help you with this.

(With Application Firewall you can even throttle the bandwidth of the stations so that you don't need to block them entirely if it helps you)
0
 
LVL 4

Expert Comment

by:keamo
ID: 22814417
With the TZ170 you can block specific ports that use streaming media.  i.e. RTSP 554 UDP/TCP.  But, I would recommend using a product called Surfcontrol(now Websense).  You can get very granular in your control of who/what/when accesses internet destinations.
0
 

Author Comment

by:Cholo123
ID: 22828210
would you be able use this software to block most of the radio stations out there? we have a enterprise networking using sonicwalls, about 40 offices.
0
 
LVL 4

Expert Comment

by:keamo
ID: 22828247
Correct.  With Surfcontrol, you can block a number of different categories including Streaming Media.

http://www.surfcontrol.com/Default.aspx?id=374
SCwebfilter.pdf
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:Cholo123
ID: 22828258
thx already asked for a quote hopefully is not expensive.
0
 
LVL 4

Expert Comment

by:keamo
ID: 22828270
That's the downside.  They're pricey.  But, IMHO, they are the best.  Good Luck!
0
 

Author Comment

by:Cholo123
ID: 22828307
one quick question in the tz 170 standard, firmware SonicOS Standard 3.1.5.0-2s, i dont have this protocol RTSP. i only have udp and tcp when creating ports. any tip if i should crate this somewhere else?
0
 
LVL 4

Expert Comment

by:keamo
ID: 22828318
You should have an existing default service called "Quicktime" with a TCP port of 554.  Then you can create your own custom service with UDP 554 and call it whatever you want.

http://www.cs.columbia.edu/~hgs/rtsp/
0
 

Author Comment

by:Cholo123
ID: 22828351
got it thanks a bunch , i'm also seeing this guy, should i block that port?

RealAudio  7070 TCP  
0
 
LVL 4

Accepted Solution

by:
keamo earned 500 total points
ID: 22828377
Yep.  You can block anything you want.  You can also go to Logs, Reports and click on "Start Data Collection" then select "Bandwidth Usage by IP Address" to see where the heavy hitters are. (Let this run for awhile to gather data)
0
 

Author Comment

by:Cholo123
ID: 22828383
thanks alot appreciated all the info.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now