How to Stop Napster Traffic from Passing Through ISA Server (275237)


The information in this article applies to:

  • Microsoft Internet Security and Acceleration Server 2000
This article was previously published under Q275237

SUMMARY

This article describes how to stop Napster traffic from passing through Internet Security and Acceleration (ISA) Server 2000.

MORE INFORMATION

There are several methods by which ISA Server can deny access to clients that are trying to access an Internet resource, such as Napster. Use any of the following methods to deny access to various services, such as Napster, which is the sample Internet resource in this article.

Method 1

Create a Site and Content rule or a Routing rule to deny access to a specific destination that the service needs for its initial logon process. To do this, create a destination set for the destination. For example, create a destination set that contains "napster.com" and use the destination set to create a Routing rule. Navigate to the Action tab, and then select the Redirect them to a Hosted site option, at which point you can specify an internal Internet access policy Web page.

Method 2

Create either of the following Site and Content rules:
  • A Site and Content rule that denies access to the destination set that contains napster.com.

    -or-
  • A Site and Content rule that denies all content type of MP3. Refer to ISA Server Help about how to define content types.

Method 3

Use a protocol definition to deny access. Napster uses TCP port 8875 for the initial connection and the local file sharing service port is negotiated per connection. For other similar applications, you can use Network Monitor to determine the ports to be used by the initial connection. Be sure to find the ports that Napster is currently using at the time that you configure this because they may change.

After you obtain the latest information on ports for outbound connection, create a protocol definition. Protocol definitions should have settings that are similar to the following example:

Port number: 8875 (or another)
Protocol type: TCP
Direction : Outbound

Use the Protocol definition in the Protocol Rules dialog box, and create a rule that denies access to this protocol and applies to specific users, client sets, or all requests.

The third-party products that are discussed in this article are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.
Modification Type:MinorLast Reviewed:1/15/2006
Keywords:kb3rdparty kbFirewall kbinfo KB275237
©2004 Microsoft Corporation. All rights reserved.