Re: how to block VOIP on cisco routers?

Posted by Henry Cabot Henhouse III on January 10, 2006, 11:54 pm
We have the same problem with VoIP boxes...

I'll assume that when you plug in an adapter running H.323, it establishes a
nailed up connection to a server, which is why they seem to work behind
firewalls. As an outbound connection, you don't need to map ports. (I've
seen 5 Linksys/Vonage boxes sitting on a Linksys BEFSX41 with a static on
the WAN side, all work fine for both in and outbound).

So... how would you go about blocking H.323 traffic? If not possible, how
about blocking the FQDN or IPs of the servers that the major players -
Vonage, Packet8, etc - use? (Someone must have a list of the servers). And
with SIP (5060) and IAX (4569), can't the ports they use be blocked cutting
off the signalling path?

Ideas? Help?

Thanks in advance
Dave

>> my network is being bogged down by "junk"
>>
>> number one on the hitlist : VOIP phones - anyone got any idea how to
>> block them?
>>
>> 2nd problem is streaming radio, people just chewing up bandwidth the
>> whole day! how to kill those?
>>
>> any ideas?
>
> Access lists to permit what you consider non-junk perhaps ?



Posted by Jason on January 11, 2006, 6:07 am
Yes, let's figure out how to block this: I have the following info, I am going
to try and block all these ports mentioned below this weekend, and I'll see
what happens

Anyone else feel free to comment

- IAX is not the result of a standards group, rather a collaborative,
  community based effort
- IAX uses a single UDP port 4569, and thus works well in NAT environments
  (the obsolete IAX1 protocol used port 5036). IAX uses ONLY one UDP port for
  both control and data traffic. As outlined in point 4 of the IAX versus SIP
  topic with IAX you will always have audio if the control connection can be
  established.

- SIP is a text-based protocol that uses UTF-8 encoding
- SIP uses port 5060 both for UDP and TCP. SIP may use other transports


1718 H.323 RAS (Multicast Discovery)
1719 H.323 RAS (Unicast)
1720 H.323 Call Signaling (TCP)
2099 H.501 Border Element Signaling (H.225.0 Annex G)
2427 MGCP
2517 H.323 Call Signalling (UDP, H.323 Annex E)
2944 H.248
5060 SIP


> We have the same problem with VoIP boxes...
>
> I'll assume that when you plug in an adapter running H.323, it establishes
> a nailed up connection to a server, which is why they seem to work behind
> firewalls. As an outbound connection, you don't need to map ports. (I've
> seen 5 Linksys/Vonage boxes sitting on a Linksys BEFSX41 with a static on
> the WAN side, all work fine for both in and outbound).
>
> So... how would you go about blocking H.323 traffic? If not possible, how
> about blocking the FQDN or IPs of the servers that the major players -
> Vonage, Packet8, etc - use? (Someone must have a list of the servers).
> And with SIP (5060) and IAX (4569), can't the ports they use be blocked
> cutting off the signalling path?
>
> Ideas? Help?
>
> Thanks in advance
> Dave
>
>>> my network is being bogged down by "junk"
>>>
>>> number one on the hitlist : VOIP phones - anyone got any idea how to
>>> block them?
>>>
>>> 2nd problem is streaming radio, people just chewing up bandwidth the
>>> whole day! how to kill those?
>>>
>>> any ideas?
>>
>> Access lists to permit what you consider non-junk perhaps ?
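
The port list in the post above, written out as a Cisco IOS extended access list. This is an added example, not configuration posted by anyone in the thread. The ACL name and interface are placeholders; UDP for 1718, 1719 and 2427 is the usual transport for RAS and MGCP, and denying both TCP and UDP for 2099 and 2944 is an assumption, since the list does not give a transport for them.

```cisco
! Added example (constructed): ACL name and interface are placeholders.
! Matches destination ports, so it catches the outbound signalling
! connections that adapters open from inside the LAN.
ip access-list extended BLOCK-VOIP-SIGNALLING
 remark H.323 RAS: multicast discovery and unicast
 deny   udp any any eq 1718 log
 deny   udp any any eq 1719 log
 remark H.323 call signalling: TCP, and UDP per Annex E
 deny   tcp any any eq 1720 log
 deny   udp any any eq 2517 log
 remark H.501 border element signalling (both transports: assumption)
 deny   tcp any any eq 2099 log
 deny   udp any any eq 2099 log
 remark MGCP
 deny   udp any any eq 2427 log
 remark H.248 (both transports: assumption)
 deny   tcp any any eq 2944 log
 deny   udp any any eq 2944 log
 remark SIP over UDP and TCP
 deny   tcp any any eq 5060 log
 deny   udp any any eq 5060 log
 remark IAX (4569) and obsolete IAX1 (5036), control and audio on one port
 deny   udp any any eq 4569 log
 deny   udp any any eq 5036 log
 remark Everything else is still forwarded
 permit ip any any
!
interface FastEthernet0/0
 description LAN-facing interface (placeholder)
 ip access-group BLOCK-VOIP-SIGNALLING in
```

The `log` keyword records which inside hosts hit each deny entry. Signalling on any port not listed here is passed by the final `permit`, which is the gap the allow-list approach in the quoted reply closes.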



