Results 1 to 5 of 5

Thread: Expert Setting: How to block video streaming such YouTube/Metacafe?

  1. #1
    cronosmachine Guest

    Default Expert Setting: How to block video streaming such YouTube/Metacafe?

    Hi,
    I wondering to know.

    Currently I'm have Laptop running with ZA with configuration (I called as server):
    1. 3G modem build-in as a gateway with ICS enabled through wireless, my WAN will be dynamic IP.
    2. Current LAN IP address 192.168.0.1/24 without any DNS configured.

    There are 2 PC connected to Server:
    1. PC1 192.168.0.5
    2. PC2 192.168.0.10

    On ZONES setting:
    1. I change my WAN and named to '3G Network' as my Internet Zone.
    2. And make my LAN and named to 'Local Network' with 192.168.0.0 range as my Trusted Zone.

    Then EXPERT setting, I make rules:
    1. Name: PC1
    - Source: PC1, Internet Zone
    - Destination: Internet Zone, PC1
    - Protocol: Browsing Only (Contain: HTTP, HTTPS, DHCP, DHCP Client, DNS, NETBIOS Datagram, NETBIOS Name, NETBIOS Session)

    2. Name: PC2
    - Source: PC2, Internet Zone
    - Destination: Internet Zone, PC2
    - Protocol: Browsing Only (Contain: HTTP, HTTPS, DHCP, DHCP Client, DNS, NETBIOS Datagram, NETBIOS Name, NETBIOS Session)


    First Requirement:
    1. Client PC only able to surf internet & messenger (MSN, SKype, YM)
    2. Client PC can not PING to Internet Zone.
    3. Client PC can PING Local Zone.

    Second Requirement (including Normal requirement):
    4. Client PC can not streamng video such YouTube, Metacafe

    Please advise me above setting are correct to configure for First Requirement?
    And how to configure for Second Requirement?

    Operating System:Windows XP Pro
    Software Version:8.0
    Product Name:ZoneAlarm (Free)

  2. #2
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Expert Setting: How to block video streaming such YouTube/Metacafe?


    <blockquote><hr>cronosmachine wrote:
    Hi,
    I wondering to know.

    Currently I'm have Laptop running with ZA with configuration (I called as server):
    1. 3G modem build-in as a gateway with ICS enabled through wireless, my WAN will be dynamic IP.
    2. Current LAN IP address 192.168.0.1/24 without any DNS configured.

    There are 2 PC connected to Server:
    1. PC1 192.168.0.5
    2. PC2 192.168.0.10

    On ZONES setting:
    1. I change my WAN and named to '3G Network' as my Internet Zone.
    2. And make my LAN and named to 'Local Network' with 192.168.0.0 range as my Trusted Zone.

    Then EXPERT setting, I make rules:
    1. Name: PC1
    - Source: PC1, Internet Zone
    - Destination: Internet Zone, PC1
    - Protocol: Browsing Only (Contain: HTTP, HTTPS, DHCP, DHCP Client, DNS, NETBIOS Datagram, NETBIOS Name, NETBIOS Session)

    2. Name: PC2
    - Source: PC2, Internet Zone
    - Destination: Internet Zone, PC2
    - Protocol: Browsing Only (Contain: HTTP, HTTPS, DHCP, DHCP Client, DNS, NETBIOS Datagram, NETBIOS Name, NETBIOS Session)


    First Requirement:
    1. Client PC only able to surf internet & messenger (MSN, SKype, YM)
    2. Client PC can not PING to Internet Zone.
    3. Client PC can PING Local Zone.

    Second Requirement (including Normal requirement):
    4. Client PC can not streamng video such YouTube, Metacafe

    Please advise me above setting are correct to configure for First Requirement?
    And how to configure for Second Requirement?

    Operating System:
    Windows XP Pro
    Software Version:
    8.0
    Product Name:
    ZoneAlarm (Free)

    <hr></blockquote>


    This is a mess.
    The ZA is not a server or true gateway fireway for a lan...it is still only a desktop firewall.
    It can not be used to control the individual desktop attached to the server/gateway.

    The netbios file and printer sharing seems to be used, yet things are set as internet, whereas these should be set as trusted to perform the file and printer sharing.

    Controlling ports and unwanted protocols such as rtp or rtsp should be set up on the individual desktops ... or get a very decent and costly hardware firewall or get something like ipcop (or smoothwall) installed on an old desktop for a cheaper solution to the gateway firewall.

    Your first requirement:

    1. if you want to stop downloading of youtube/metacafe videos, these still use http to enter the browser, thus impossible to control ...unless you block off the correct IPs for these web sites.
    2. what is wrong with pinging internet?? Your router/dhcp/hardware gateway should be able to drop replies to any internet ping, and if not using a router, then obtain one as these are cheap.
    Many can control the icmp types and block outgoing pings is really wanted, but I see no reasone for this. ICMP is bascially a network maintenace protocol and is very much needed anyways.
    3. pinging the trusted zone is always possible by default in the ZA.. Just make sure the local IPs that are sharing are set as trusted in their own firewalls along with the required dhcp and dns server IPs.
    4. these online web sites download using http, block off the IPs (often can be eaily done in the hardware router)

    Question ...using expert rules yet you show the ZA free as the product name?
    Using the ZA pro?
    Oldsod.
    Best regards.
    oldsod

  3. #3
    cronosmachine Guest

    Default Re: Expert Setting: How to block video streaming such YouTube/Metacafe?

    Oldsod,
    Sorry I don't understand your solution.

  4. #4
    cronosmachine Guest

    Default Re: Expert Setting: How to block video streaming such YouTube/Metacafe?

    I'm using ZA Suite Trial

    Condition:
    3 Laptop (1 Laptop build-in 3G modem as Gateway, 2 others normal laptop build-in WiFi)

  5. #5
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Expert Setting: How to block video streaming such YouTube/Metacafe?

    Look here for a description of the expert rules...

    Expert Rules.

    It will help get a better understanding of how the rules work.

    Oldsod.
    Best regards.
    oldsod

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •