?
Solved

How to block Stream Media,Itunes radio,WIndows Media Player radio, real audio readio, itunes radio

Posted on 2008-10-16
13
Medium Priority
?
8,019 Views
Last Modified: 2011-10-19
we have a T1 and currently have 30 users in it, and we are killing the bandwitdh, what i have found is that some of the users are playing radio, i would like to block all radio or most radio protocols using sonicwall 170 TZ, i know they all come thru port 80 but i cannot block this port because is also being utilize by Web traffic. is there a way i could create a real for port 80 inbound to block certain protocols? please help.

thanks
0
Comment
Question by:Cholo123
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
13 Comments
 
LVL 1

Expert Comment

by:tkuennen
ID: 22737322
To block iTunes your first need to start with the ports iTunes uses:
Port 3689 TCP
Port 5353 UDP
Blocking these ports on the firewall will stop iTunes streaming.

As for blocking all streaming media you will have to block all ports that the Real Time Streaming Protocol (RTSP) uses. To view the background of RTSP you will want to read the original RFC (2326) from the Internet Engineering Task Force.
http://tools.ietf.org/html/rfc2326
To view a list of the common IP ports you will want to review the common port listing from the Internet Assigned Numbers Authority (IANA)
http://www.iana.org/assignments/port-numbers
0
 
LVL 6

Expert Comment

by:ajeab
ID: 22759877
you can block the site directly. and/or block known extension.  Also, make it a company policy not allow to stream.  When the users know that their job may be on the line, most will stop.
0
 
LVL 7

Expert Comment

by:VCBooth
ID: 22766110
If they are coming through port 80 then you can either block the websites (as ajeab suggests) or, if you have Enhanced O/S and have downloaded the latest firmware then you can create an Application Firewall Rule for HTTP to block it.

Latest version has a wizard that should help you with this.

(With Application Firewall you can even throttle the bandwidth of the stations so that you don't need to block them entirely if it helps you)
0
Need protection from advanced malware attacks?

Look no further than WatchGuard's Total Security Suite, providing defense in depth against today's most headlining attacks like Petya 2.0 and WannaCry. Keep your organization out of the news with protection from known and unknown threats.

 
LVL 4

Expert Comment

by:keamo
ID: 22814417
With the TZ170 you can block specific ports that use streaming media.  i.e. RTSP 554 UDP/TCP.  But, I would recommend using a product called Surfcontrol(now Websense).  You can get very granular in your control of who/what/when accesses internet destinations.
0
 

Author Comment

by:Cholo123
ID: 22828210
would you be able use this software to block most of the radio stations out there? we have a enterprise networking using sonicwalls, about 40 offices.
0
 
LVL 4

Expert Comment

by:keamo
ID: 22828247
Correct.  With Surfcontrol, you can block a number of different categories including Streaming Media.

http://www.surfcontrol.com/Default.aspx?id=374
SCwebfilter.pdf
0
 

Author Comment

by:Cholo123
ID: 22828258
thx already asked for a quote hopefully is not expensive.
0
 
LVL 4

Expert Comment

by:keamo
ID: 22828270
That's the downside.  They're pricey.  But, IMHO, they are the best.  Good Luck!
0
 

Author Comment

by:Cholo123
ID: 22828307
one quick question in the tz 170 standard, firmware SonicOS Standard 3.1.5.0-2s, i dont have this protocol RTSP. i only have udp and tcp when creating ports. any tip if i should crate this somewhere else?
0
 
LVL 4

Expert Comment

by:keamo
ID: 22828318
You should have an existing default service called "Quicktime" with a TCP port of 554.  Then you can create your own custom service with UDP 554 and call it whatever you want.

http://www.cs.columbia.edu/~hgs/rtsp/
0
 

Author Comment

by:Cholo123
ID: 22828351
got it thanks a bunch , i'm also seeing this guy, should i block that port?

RealAudio  7070 TCP  
0
 
LVL 4

Accepted Solution

by:
keamo earned 2000 total points
ID: 22828377
Yep.  You can block anything you want.  You can also go to Logs, Reports and click on "Start Data Collection" then select "Bandwidth Usage by IP Address" to see where the heavy hitters are. (Let this run for awhile to gather data)
0
 

Author Comment

by:Cholo123
ID: 22828383
thanks alot appreciated all the info.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question