I used to use a wonderful little tool called trafshow for identifying chatty streams/conversations. I haven't had to use it in a while, but it may still be worth looking at. Had a very nice interface, and accepted tcpdump-ish grammar for filtering iirc. -j On Sun, Jan 06, 2002 at 08:27:14PM -0500, James wrote:
From: "James" <james@james-web.net> To: "'Todd Suiter'" <todd@s4r.com> Cc: "'Walter Gray'" <wgray@wwns.net>, <nanog@merit.edu> Subject: RE: Blocking Internet Gaming Date: Sun, 6 Jan 2002 20:27:14 -0500 X-Mailer: Microsoft Outlook, Build 10.0.2616
They are specifiable on the server side. And most server operators run on default ports as it is easier to connect. But you are right. An organization policy of no games is better.
You could maybe also see if a tool like esniff (not free) or tcpdump (free) would work to track people down.
- James
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Todd Suiter Sent: Sunday, January 06, 2002 8:21 PM To: James Cc: 'Walter Gray'; nanog@merit.edu Subject: RE: Blocking Internet Gaming
Problem with that is you can spec those ports pretty much at will. This came up on the focus-ids@securityfocus list last week. Policy is a good place to start. Make it obvious that your org does not approve of this type of thing. Then start looking at tcpdump output to find the ports/people, and go from there.
toddler
On Sun, 6 Jan 2002, James wrote:
What kind of games specifically?
Like online Java games (Bejeweled)? Or games like Quake, Unreal,
Tribes
etc?
The latter is much easier, just block all traffic to/from the default ports which use them. A quick google would yield what they use. I'll give you a quick hint and say Quake3 is 29760-5 or so and Tribes1/2 is 28000-28005 or so.
- James
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Walter Gray Sent: Sunday, January 06, 2002 8:03 PM To: nanog@merit.edu Subject: Blocking Internet Gaming
Does anybody know of any good software or way to restrict Internet gaming on a corporate Network?
---end quoted text---
-- Jason Legate Sr. Net/Sys Admin, eVine, Inc. work- jlegate@evine.com | home- jlegate@alienchick.com Key Fingerprint: 4FB4 2228 DE63 3BBA 7B72 40DD 13D5 2547 821D 2909