Home page logo

firewall-wizards logo Firewall Wizards mailing list archives

Re: Blocking Video/Audio Streaming
From: "PaulM" <pmelson () gmail com>
Date: Tue, 23 May 2006 09:52:57 -0400

-----Original Message-----
Subject: [fw-wiz] Blocking Video/Audio Streaming

Many of the streaming video/audios uses http port 80 as transport, It is
possible to 
block this type of traffic on Cisco PIX/IOS FW? a sample config will
really help me.

The HTTP fixup doesn't allow you to deny a/v streams or files over HTTP on
its own.  You may be able to add an additional system (like a content filter
or and IDS) that can leverage the PIX to block the connection once it is
properly identified.  Part of the problem is that you have a pretty big set
of detection factors for this stuff inside of the HTTP headers.  Maybe MIME
type for some things, URL regex for others, and User-Agent for the rest.
PIX can't do that on its own.


firewall-wizards mailing list
firewall-wizards () listserv icsalabs com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]