mailing list archives
Re: Blocking Video/Audio Streaming
From: "PaulM" <pmelson () gmail com>
Date: Tue, 23 May 2006 09:52:57 -0400
Subject: [fw-wiz] Blocking Video/Audio Streaming
Many of the streaming video/audios uses http port 80 as transport, It is
block this type of traffic on Cisco PIX/IOS FW? a sample config will
really help me.
The HTTP fixup doesn't allow you to deny a/v streams or files over HTTP on
its own. You may be able to add an additional system (like a content filter
or and IDS) that can leverage the PIX to block the connection once it is
properly identified. Part of the problem is that you have a pretty big set
of detection factors for this stuff inside of the HTTP headers. Maybe MIME
type for some things, URL regex for others, and User-Agent for the rest.
PIX can't do that on its own.
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com