Solved

How to block Stream Media,Itunes radio,WIndows Media Player radio, real audio readio, itunes radio

Posted on 2008-10-16
13
7,957 Views
Last Modified: 2011-10-19
we have a T1 and currently have 30 users in it, and we are killing the bandwitdh, what i have found is that some of the users are playing radio, i would like to block all radio or most radio protocols using sonicwall 170 TZ, i know they all come thru port 80 but i cannot block this port because is also being utilize by Web traffic. is there a way i could create a real for port 80 inbound to block certain protocols? please help.

thanks
0
Comment
Question by:Cholo123
13 Comments
 
LVL 1

Expert Comment

by:tkuennen
ID: 22737322
To block iTunes your first need to start with the ports iTunes uses:
Port 3689 TCP
Port 5353 UDP
Blocking these ports on the firewall will stop iTunes streaming.

As for blocking all streaming media you will have to block all ports that the Real Time Streaming Protocol (RTSP) uses. To view the background of RTSP you will want to read the original RFC (2326) from the Internet Engineering Task Force.
http://tools.ietf.org/html/rfc2326
To view a list of the common IP ports you will want to review the common port listing from the Internet Assigned Numbers Authority (IANA)
http://www.iana.org/assignments/port-numbers
0
 
LVL 6

Expert Comment

by:ajeab
ID: 22759877
you can block the site directly. and/or block known extension.  Also, make it a company policy not allow to stream.  When the users know that their job may be on the line, most will stop.
0
 
LVL 7

Expert Comment

by:VCBooth
ID: 22766110
If they are coming through port 80 then you can either block the websites (as ajeab suggests) or, if you have Enhanced O/S and have downloaded the latest firmware then you can create an Application Firewall Rule for HTTP to block it.

Latest version has a wizard that should help you with this.

(With Application Firewall you can even throttle the bandwidth of the stations so that you don't need to block them entirely if it helps you)
0
Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

 
LVL 4

Expert Comment

by:keamo
ID: 22814417
With the TZ170 you can block specific ports that use streaming media.  i.e. RTSP 554 UDP/TCP.  But, I would recommend using a product called Surfcontrol(now Websense).  You can get very granular in your control of who/what/when accesses internet destinations.
0
 

Author Comment

by:Cholo123
ID: 22828210
would you be able use this software to block most of the radio stations out there? we have a enterprise networking using sonicwalls, about 40 offices.
0
 
LVL 4

Expert Comment

by:keamo
ID: 22828247
Correct.  With Surfcontrol, you can block a number of different categories including Streaming Media.

http://www.surfcontrol.com/Default.aspx?id=374
SCwebfilter.pdf
0
 

Author Comment

by:Cholo123
ID: 22828258
thx already asked for a quote hopefully is not expensive.
0
 
LVL 4

Expert Comment

by:keamo
ID: 22828270
That's the downside.  They're pricey.  But, IMHO, they are the best.  Good Luck!
0
 

Author Comment

by:Cholo123
ID: 22828307
one quick question in the tz 170 standard, firmware SonicOS Standard 3.1.5.0-2s, i dont have this protocol RTSP. i only have udp and tcp when creating ports. any tip if i should crate this somewhere else?
0
 
LVL 4

Expert Comment

by:keamo
ID: 22828318
You should have an existing default service called "Quicktime" with a TCP port of 554.  Then you can create your own custom service with UDP 554 and call it whatever you want.

http://www.cs.columbia.edu/~hgs/rtsp/
0
 

Author Comment

by:Cholo123
ID: 22828351
got it thanks a bunch , i'm also seeing this guy, should i block that port?

RealAudio  7070 TCP  
0
 
LVL 4

Accepted Solution

by:
keamo earned 500 total points
ID: 22828377
Yep.  You can block anything you want.  You can also go to Logs, Reports and click on "Start Data Collection" then select "Bandwidth Usage by IP Address" to see where the heavy hitters are. (Let this run for awhile to gather data)
0
 

Author Comment

by:Cholo123
ID: 22828383
thanks alot appreciated all the info.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen some questions on problems with SSH/telnet access to Cisco routers that may occur despite the fact that from a PC connected to your LAN, Internet connectivity is in place and users can access Internet sites without any issues.  There are…
We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question