Re: Policy change: Permanent prohibition of Napster application(fwd)

To: tclug-list@mn-linux.org
Subject: Re: Policy change: Permanent prohibition of Napster application(fwd)
From: "Scott M. Dier" <sdier@cs.umn.edu>
Date: Mon, 13 Mar 2000 12:16:45 -0600 (CST)

Heres the stuff

-- 
Scott Dier <sdier@cs.umn.edu> 
Computer Science/ITLabs Systems Staff
University of Minnesota, Twin Cities

---------- Forwarded message ----------
Date: Fri, 18 Feb 2000 22:59:48 -0600 (CST)
From: Bradley Urberg Carlson <bradley@onvoy.com>
To: Susan Levy Haskell <sblh@nts.umn.edu>, net-ops@nts.umn.edu
Cc: The Best in the Business <neteng@mr.net>
Subject: Re: Policy change: Permanent prohibition of Napster application

NTS may know how to block Napster already, but here's a note Onvoy/MRNet
has shared with some other MN campuses after doing a traffic audit for
them.  We have seen up to 60% of campus traffic caused by use of this
software.

-Bradley

---snip--- 

There are lots of connections from the Internet at-large to TCP port 6699
at dozens of hosts within your network.  These are probably computers
running an MP3 server software called Napster
(http://napster.com/whatisnapster.html).  These PCs have some selections
of music in MP3 format; they connect to the Napster site and register what
music they have to offer.  Other Napster users can search the Napster
registry to find the music they want to listen to, and connect directly to
the hosting computer on your LAN.

You may want to try blocking Napster connections and observe the change in
your bandwidth utilization.  If you block tcp port 6699 (in-bound to your
LAN users), you'll see a drop in usage for about 5 minutes until the
Napster servers in your net find a new port and register that with the
Napster index.  A way to block it longer-term is to block people inside
your network from contacting the Napster servers to register their MP3
selections at-all:

  access-list 101 deny ip any 208.184.216.0 0.0.0.255 
  access-list 101 deny ip host any 208.49.239.246
  access-list 101 permit ip any any

If your routers are busy, you can do something similar by routing traffic
to those addresses to the bitbucket:

  ip route 208.184.216.0 255.255.255.0 Null0
  ip route 208.49.239.246 255.255.255.255 Null0

If you BGP-peer with providers other than Onvoy/MRNet, please verify that
these routes are limited to your IGP advertisements.

Follow-Ups:
- Re: [TCLUG:14610] Re: Policy change: Permanent prohibition of Napster application(fwd)
  - From: Adam Maloney <adam@iexposure.com>
- Re: [TCLUG:14610] Re: Policy change: Permanent prohibition of Napsterapplication (fwd)
  - From: Kevin Bullock <kbullock@ringworld.org>

Prev by Date: Re: [TCLUG:14607] Napster
Next by Date: Re: [TCLUG:14610] Re: Policy change: Permanent prohibition of Napsterapplication (fwd)
Prev by thread: Napster
Next by thread: Re: [TCLUG:14610] Re: Policy change: Permanent prohibition of Napsterapplication (fwd)
Index(es):
- Date
- Thread