Question : How to block IM,P2P applications, Google earth,multimedia contents from PIX 525 ver 7.0(6)
Hi Experts
I am really worried about the bandwidth usage by P2P applications. I need to block all P2P applications, messengers, YouTube, Metacafe and proxy software from my PIX 525 ver 7.06. I need the way to block them, either by access-list or by any other available means. We don't have Websense or Blue Coat to block these things. I know I cannot achieve 100%, but to a certain extent I want to block these applications. Also, is there any way to block certain web sites? Please let me know.
Answer : How to block IM,P2P applications, Google earth,multimedia contents from PIX 525 ver 7.0(6)
This example from Cisco uses the advanced HTTP inspect features: http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_70/cref_txt/gl.htm#wp1642303
The following example shows how to identify HTTP traffic, define an HTTP map, define a policy, and apply the policy to the outside interface:
hostname(config)# class-map http-port
hostname(config-cmap)# match port tcp eq 80
hostname(config-cmap)# exit
hostname(config)# http-map inbound_http
hostname(config-http-map)# content-length min 100 max 2000 action reset log
hostname(config-http-map)# content-type-verification match-req-rsp reset log
hostname(config-http-map)# max-header-length request bytes 100 action log reset
hostname(config-http-map)# max-uri-length 100 action reset log
hostname(config-http-map)# exit
hostname(config)# policy-map inbound_policy
hostname(config-pmap)# class http-port
hostname(config-pmap-c)# inspect http inbound_http
hostname(config-pmap-c)# exit
hostname(config-pmap)# exit
hostname(config)# service-policy inbound_policy interface outside
This example causes the security appliance to reset the connection and create a syslog entry when it detects any traffic that contains the following:
- Messages less than 100 bytes or exceeding 2000 bytes
- Unsupported content types <== you can define what types are supported
- HTTP headers exceeding 100 bytes
- URIs exceeding 100 bytes
Reference on content types: http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_70/cref_txt/c.htm#wp1969931
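As an added example (not part of the answer above, and not Cisco's own sample), the same http-map mechanism can be pointed at the poster's actual problem: applications that tunnel IM and P2P over port 80, plus the well-known IM/P2P ports on an outbound access-list. Interface names, the LAN range 192.168.1.0/24 and the port list are assumptions to adapt to your network.

```text
! HTTP map for inside-originated web traffic: reset and log sessions on
! port 80 that the inspector recognises as IM, P2P or tunneling rather
! than HTTP, and reject unsupported content types (multimedia etc.)
http-map outbound_http
 port-misuse im action reset log
 port-misuse p2p action reset log
 port-misuse tunneling action reset log
 content-type-verification match-req-rsp reset log
 exit

! Match outbound web traffic
class-map outbound-http
 match port tcp eq 80
 exit

policy-map outbound_policy
 class outbound-http
  inspect http outbound_http
  exit
 exit

! Apply on the inside interface so sessions started by LAN hosts are inspected
service-policy outbound_policy interface inside

! Outbound ACL: deny default IM/P2P ports from the LAN (assumed 192.168.1.0/24),
! then permit the rest. Port numbers are the applications' default ports only.
access-list inside_out remark MSN Messenger
access-list inside_out extended deny tcp 192.168.1.0 255.255.255.0 any eq 1863
access-list inside_out remark AIM/ICQ
access-list inside_out extended deny tcp 192.168.1.0 255.255.255.0 any eq 5190
access-list inside_out remark Yahoo Messenger
access-list inside_out extended deny tcp 192.168.1.0 255.255.255.0 any eq 5050
access-list inside_out remark BitTorrent default listening range
access-list inside_out extended deny tcp 192.168.1.0 255.255.255.0 any range 6881 6889
access-list inside_out remark eDonkey/eMule TCP and UDP
access-list inside_out extended deny tcp 192.168.1.0 255.255.255.0 any eq 4662
access-list inside_out extended deny udp 192.168.1.0 255.255.255.0 any eq 4672
access-list inside_out remark Gnutella
access-list inside_out extended deny tcp 192.168.1.0 255.255.255.0 any range 6346 6347
access-list inside_out extended permit ip 192.168.1.0 255.255.255.0 any
access-group inside_out in interface inside
```

The port-misuse checks only see traffic on the inspected port and rely on signatures, and the ACL only covers default ports, so clients configured for other ports or encrypted sessions will still get through; check the syslog hits from the reset log actions to see what is actually being caught before tightening further.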