Re: OT: Using IOS to Block Worms / Music Streaming? from Narbik Kocharians on 2010-09-25 (Ccielab archives 09/2010)

From: Narbik Kocharians <narbikk_at_gmail.com>
Date: Sat, 25 Sep 2010 09:01:17 -0700

Just to add what Radioactive Frog stated, you could actually filter traffic
as well.
On Sat, Sep 25, 2010 at 4:22 AM, Radioactive Frog <pbhatkoti_at_gmail.com>wrote:

> Haroon,
> That means your IOS doesn't support application level filtering. Those NBAR
> match are only effecting for QoS etc.
>
> You need to download PLDM files to support what you're trying to do.
> *aka kazaa2.pdlm*, *gnutella.pdlm
>
>
> *Without downloading above PDLM files you can QoS them and put all of
> these
> apps in < 2Kbps bandwidth :)
>
>
> FROG
>
> On Fri, Sep 24, 2010 at 2:53 AM, Haroon <itguy.pro_at_gmail.com> wrote:
>
> > Hello Experts,
> >
> > Little overwhelmed over here with worm outbreak!
> >
> > Is there any way to block worms like *conficker* using Cisco IOS without
> > buying IPS subscription, etc.?
> >
> > We have some users who can't even seem to make a mouse click unless some
> > music is running in the background, how to stop music/video streaming
> with
> > IOS as well?
> >
> > I've tried using this but I don't think its helping:
> >
> > class-map match-any ATLPeer2Peer
> > match protocol bittorrent
> > match protocol edonkey
> > match protocol gnutella
> > match protocol fasttrack
> > match protocol kazaa2
> > match protocol winmx
> > match protocol directconnect
> > match protocol gopher
> > match protocol rtp
> > match protocol rtsp
> > match protocol mgcp
> > !
> > !
> > policy-map ATLPeer2Peer
> > class P2P
> > drop
> >
> > Thanks,
> >
> > Haroon
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>

-- 
Narbik Kocharians
CCSI#30832, CCIE# 12410 (R&S, SP, Security)
www.MicronicsTraining.com
Sr. Technical Instructor
YES! We take Cisco Learning Credits!
Training And Remote Racks available
Blogs and organic groups at http://www.ccie.net

Received on Sat Sep 25 2010 - 09:01:17 ART

This archive was generated by hypermail 2.2.0 : Fri Oct 01 2010 - 05:58:06 ART