We have a 2003 server connecting 15 Windows XP computers on our network. We have also many part time college students working in our company. Lately it the network with its 9 Windows 2000 PC and 6 Win XP PC has been annoyingly slow and performing sluggishly. It is slower than before especially in the late afternoon hours when our part time workers show up. Our technician set out what caused the reduction in bandwidth by sniffing the Internet network traffic. Not much to his surprise, he found out that many of our youthful employees were cheerfully using real player to download streaming music videos. My question is: a) should I use a proxy server to block the appropriate port b) use a firewall to block the RealPlayer IP address c) use a firewall to block RTSP port which is 554 d) or use a NAT server to block the protocol that Real Player uses (RTSP)? I shall appreciate you input to this seemingly easy question but apparently not that simple.

[Reply or follow-up to this message]

Other than purchasing a sophisticated web filter like Websense webfilter (the best 
in its class, which I have experience with), you may look at opendns.org...

It will probably prove effective enough to stop your annoying youngsters.  It takes 
over your DNS service, and prevents websites that shouldn't be accessed from being 
resolved.  Its not foolproof, but its effective.

Other than that, I don't see blocking ports on a firewall or blocking certain IP 
addresses being effective.  Because realplayer can stream over port 80 also.  And 
many websites offer the content, so it would be difficult to find and block them 
all.  However, some network monitoring could provide you with all the most popular 
sites they visit.  Then you could block them at the firewall.

One question... Why not inform these students that they are not allowed to access 
these sites, and that their actions are being monitored.  If they continue to violate 
the policy their privileges or job will be lost.

[Reply or follow-up to this message]

NAT server to block the protocol that Real Player uses and any other streaming feed...

[Reply or follow-up to this message]

I appreciate your input to my inquiry. As the common saying goes, there is always something new to know (learn). Of the two possible solutions, openDNS seemed all to be more inclusive. A look at the NAT server as another alternative to block downloading streaming music video led to me to many fascinating searches and discoveries related to NAT which I never knew existed. Thank you all.

[Reply or follow-up to this message]

There are two methods to make opendns way more effective.  

The easiest, would be to block all outgoing requests on port 53, other than those 
from your windows server.  This will prevent anyone, even if they have administrative 
access, from making DNS queries from a server other than your windows server.  You 
can do this with even the lowest end routers/firewalls (even home based units).

Number two, you could lock down the PCs, by making sure they do not have administrative 
access, and making sure they can not make changes to entries in the network connection 
settings (DNS settings more specifically).

You want to gurantee the only DNS server they can query is your windows server, which 
is how they are setup to function properly on a domain anyways.

[Reply or follow-up to this message]

You could also employ QoS to stop this type of activity. Although, I have to admit, a previous response said it best when he said to inform all the summer students that this is against policy and then fire the first one you catch. Odd's are, the rest would toe the line nicely.


On Monday, May 12, 2008 at 6:32 pm, Kiremerwa-Kato Simon wrote:
>We have a 2003 server connecting 15 Windows XP computers on our network. We have
>also many part time college students working in our company. Lately it the network
>with its 9 Windows 2000 PC and 6 Win XP PC has been annoyingly slow and performing
>sluggishly. It is slower than before especially in the late afternoon hours when
>our part time workers show up. Our technician set out what caused the reduction in
>bandwidth by sniffing the Internet network traffic. Not much to his surprise, he
>found out that many of our youthful employees were cheerfully using real player to
>download streaming music videos. My question is: a) should I use a proxy server to
>block the appropriate port b) use a firewall to block the RealPlayer IP address c)
>use a firewall to block RTSP port which is 554 d) or use a NAT server to block the
>protocol that Real Player uses (RTSP)? I shall appreciate you input to this seemingly
>easy question but apparently not that simple.

[Reply or follow-up to this message]

Thanks for the advice to get tough with the assuming young mis adventurers who had made it a habit downloading stuff without permission. We have instituted a new policy of "Carrot and stick" or should call it "Stick and Carrot"? If the few (most of them didn't do) misbehaving ones are identified we show them the door. Those who follow company policy of not downloading anything or visiting shopping malls like amazon or eBay are rewarded with a carrot, no,with carrots. I checked QoS, I heard it before but a recent check on the technique or methodology I found it sophisticated, a little bit complicated though but worth to look at further for future security improvements.

[Reply or follow-up to this message]

• Search this forum
• Start a new thread on a different subject

• Report abuse of the forum