Topic: damn you WMP, damn you to hell!!

[funkusmunkus]

Hi all,

someone on the network just discovered live music streaming using wmp, but it seems to use port 80, i heared that realplayer can use the http protocol to do that, i was wondering if someone has worked out a way of stopping people from streaming audio that way.

cheers

[Michiel]

Apparently the user can use just about any port he likes, so blocking the port number would'nt get you anywhere.

Maybe you could
1/ Only allow internet access through squid
2/ Block all relevant content types in squid.conf:
   acl music url_regex -i .mp3 .avi .mpeg .mpe .mpg .qt
.ram .rm .wav .mov .wpl
   http_access deny music

Not sure if this will work and it might be a problem if your users require direct access for ftp, ssh, etc, but I would be very interested if you get it working.

regards,
Michiel

[sspfunk]

hello my funk brutha

this is an easy one

remove wmp from the offending computer

[arne]

There is a traficmonitoring program named iptraf. If you download the RedHat 7.3 RPM and install this you will be able to motitor all trafic. You wil also be able to read the ip of the internal PC downloading music.

[funkusmunkus]

this is an easy one

remove wmp from the offending computer

well i solved the problem at the moment using an even easier method, i asked the person not to do it any more
it was all thanx to sarg reports (love your work sarg)
but it is a short term fix, i want to solve the problem from ever re-occurring in the future.
so i'll play around with squid and see if i can stop any unwanted trafic.
but that might have to wait for a few weeks till i have more time to get around to it.

[chris burnat]

You possibly could solve your problem with dansguardian.  Dungog has released a modules allowing the blocking of http traffic for specific files using the server-manager interface, i.e. mp3.mpeg, mpg, etc. I am using it to block all exe files with great success at a number of istes over the past 3 weeks.

[raem]

http://mirror.contribs.org/smeserver/contribs/rmitchell/smeserver/howto/dansguardian%20instal%20&%20configure%20HOWTO%20for%20sme%20server.htm

[funkusmunkus]

I'm test trialing it on my home network first, i wonder if anyone at home will notice  
then when i know what i'm doing  i'll get it up and running at work.

[raem]

You can see what users are trying to access by looking at the Dansguardian logs. Try filtering the log report on DENIED.