2) can anyone tell me how to block access to kazaa? thanks, alex.
I came across this last night: http://l7-filter.sourceforge.net/
It is a kernel module that can filter packets based on their application data, and is intended to spot services like kazaa which use unpredictable ports. It can be used with iptables to filter them out, if you are running a linux gw.
cheers Matthew Wilson.
http://www.lowth.com/p2pwall/ftwall/
http://togami.com/~warren/fedora/ftwall-1.07-0.fdr.3.src.rpm
bugzilla.fedora.us is down until Monday, January 5th due to the power maintenace on that building, so I can't include that link now.
ftwall is a Netfilter QUEUE based detection and blocking mechanism for kazaa's fasttrack protocol. It requires some extra Netfilter kernel modules available from netfilter.org's patch-o-matic, and some iptables rules. I use it in production for one 500+ machine network at a school in Hawaii.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=109474
Only trouble is ftwall itself wont compile on FC1 due to this glibc-kernheaders bug in tcp.h. If I replace tcp.h with the one from RH9, then I am able to compile ftwall. The resulting binary RPM works fine on FC1.
Warren
