Re: Killing Napster

From: Jayson Broughton (jbroughtonat_private)
Date: Thu Feb 17 2000 - 10:34:12 PST

Next message: Carl Brewer: "slightly off-topic, tcpdump output analysis?"

Previous message: Michael.Eberleat_private: "FW1 and Esafe Protect Gateway"
Maybe in reply to: Andrew Scoggins: "Killing Napster"
Next in thread: Robert Graham: "Re: Killing Napster"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Andrew,
When installed, and setting up a user Napster connects to TCP port
1041 at
208.178.175.132:rmt.  After the user information is setup and stored
on their server,
the program searches for an open port.  In this case it was TCP 6699.
 When you are
communicating with users in a chatroom, or connected it seemed to
like tcp 6700 to
208.178.175.132:1245.  The program allows users to get mp3's of your
computer if
they connect to you and you have a certian folder shared(default
napster/music).  I am
sure you can turn this off in the preferences.  And I know you can
specify it not to share
when you are installing.  To see what port that your user is running
active: Execute
Napster Music Community, goto File: Preferences: dataport.  This will
show you what
port is listening on the computer and allow you to change it.  So if
you don't want your
user to be using napster, just block that port.  Of course napster
was probably
designed knowing that someone would do this and the programmers let
that port be
changable.  Best way is to just remove napster all togeather if you
dont' want them to
get though.
     Keep in mind, this was all gathered within afew minutes of
reading your email,
installing the program and fooling around with it.  There are
probably others out there
that know more.

Jayson Broughton
HQ-All Bases Covered
Network & Security Administrator

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.2 for non-commercial use <http://www.pgp.com>

iQA/AwUBOKw/IKe75Wq9veF/EQKLxwCdGz+tje+gl2oBt29fgrVDIIQjbMEAn1uc
B4d6WQg6i/crIBOQP1Z4kwVp
=+n5+
-----END PGP SIGNATURE-----

Andrew Scoggins wrote:

> Hello all,
>
> I am currently looking into killing the MP3 Program Napster.
>
> A user told me that he had been using it inside the firewall to download
> files on an external Napster server. He assumed he was safe because he
> was behind the firewall, but soon discovered that other users were
> downloading from his machine. My guess is that Napster establishes a
> connection from client to server that is used for uploads AND downloads.
> So, the burning question is, has anyone blocked Napster by specifying
> the destination port (which I haven't figured out yet) going out? I am
> not running an application level firewall, so I can only do it by port.
>
> Thanks for any help. I also post other info as I find it.
>
> Andy
>
> --
> =-=-=-=-=-=-=-=-=-=-=-=-=-=
>   Andy Scoggins
>   Network Analyst
>   Progress Software
>   scogginsat_private
> =-=-=-=-=-=-=-=-=-=-=-=-=-=
>
>   Information security is
>   Y2K without the deadline.

Next message: Carl Brewer: "slightly off-topic, tcpdump output analysis?"
Previous message: Michael.Eberleat_private: "FW1 and Esafe Protect Gateway"
Maybe in reply to: Andrew Scoggins: "Killing Napster"
Next in thread: Robert Graham: "Re: Killing Napster"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:04:28 PDT