• Status: Solved

Cisco 1841: how to shut down streamtheworld?

Anyone know if there's a simple way to shut down streamtheworld.com using access control lists on our 1841 router (base image?).

I have a company full of "children" who can't figure out why bandwidth grinds to a halt when everyone streams their favorite radio station...

The problem I have found is that streamtheworld seems to be working over the Macromedia/Adobe Flash player and streams its media over port 80. Grrrr....
Asked by: FlyboyData
 
JFrederick29 Commented:
Give this a shot:

conf t
!
ip access-list ext 150
 deny ip any 208.80.52.0 0.0.3.255
 permit ip any any
!
! fa0/1 is the interface connected to the LAN
int fa0/1
 ip access-group 150 in
 
donmanrobb Commented:
You can use NBAR to match URLs and drop the traffic or rate limit it.
I'll post a config in a few
 
FlyboyData (Author) Commented:
Good one, JFrederick.  That stopped it.

I just wonder how long until someone discovers a proxy server/service to get around the blocked IPs?
 
JFrederick29 Commented:
Well, that's where a content filtering proxy server comes into play in which you can block by category, i.e. block "proxy avoidance" sites etc...
 
donmanrobb Commented:
Here's the NBAR way; if your router supports it, it should beat IP changes and proxies.
 
donmanrobb Commented:
Didn't post it

class-map match-all NOSTREAMWEB
 match protocol http url "streamtheworld.com"
!
policy-map NO_STREAM
 class NOSTREAMWEB
   drop
!
! The service-policy line is what applies the policy to the interface.
! "no ip address" and "shutdown" are kept as posted; "shutdown" disables the interface.
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
 service-policy input NO_STREAM
 
JFrederick29 Commented:
Well, it still won't beat proxy sites and the access-list blocked the entire address block registered to streamtheworld.com so IP changes shouldn't be an issue.

Either way, both will provide the same results.
 
donmanrobb Commented:
True enough
 
FlyboyData (Author) Commented:
Good solutions, everybody.  donmanrobb: I also added the line match protocol http url "streamtheworld.net", because as I was experimenting with streaming the audio myself, I noticed that when the stream actually opens, it is usually to a streamtheworld.net address.
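What ACL 150 from JFrederick29's answer covers, as an added example that is not code from the thread: a small Python evaluator for IOS wildcard-mask entries with first-match semantics, which also shows the address range the deny line spans. The function names and the sample addresses are constructed for illustration, and it handles only `ip` entries without ports.

```python
import ipaddress

# ACL 150 entries as posted in the thread.
ACL_150 = """\
deny ip any 208.80.52.0 0.0.3.255
permit ip any any
"""

def _to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def parse_addr(tokens):
    """Consume one IOS address spec: 'any', 'host A', or 'A WILDCARD'."""
    if tokens[0] == "any":
        return (0, 0xFFFFFFFF), tokens[1:]
    if tokens[0] == "host":
        return (_to_int(tokens[1]), 0), tokens[2:]
    return (_to_int(tokens[0]), _to_int(tokens[1])), tokens[2:]

def parse_acl(text):
    """Return [(action, src_spec, dst_spec)] for permit/deny ip lines."""
    rules = []
    for line in text.splitlines():
        tokens = line.split()
        if tokens and tokens[0] in ("permit", "deny"):
            src, rest = parse_addr(tokens[2:])   # tokens[1] is the protocol
            dst, _ = parse_addr(rest)
            rules.append((tokens[0], src, dst))
    return rules

def matches(spec, ip):
    base, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF   # a wildcard bit of 1 means "don't care"
    return (_to_int(ip) & care) == (base & care)

def evaluate(rules, src, dst):
    """First matching entry wins; IOS ends every ACL with an implicit deny."""
    for action, s, d in rules:
        if matches(s, src) and matches(d, dst):
            return action
    return "deny"

def covered_range(spec):
    """First and last address of a contiguous wildcard entry."""
    base, wildcard = spec
    first = base & ~wildcard & 0xFFFFFFFF
    return (str(ipaddress.IPv4Address(first)),
            str(ipaddress.IPv4Address(first | wildcard)))

if __name__ == "__main__":
    print(covered_range(parse_acl(ACL_150)[0][2]))
```

The deny entry spans 208.80.52.0 through 208.80.55.255, which is the same as 208.80.52.0/22; anything outside that range falls through to `permit ip any any`.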
