P2P international port blocking?

Discussion in 'NZ Computing' started by Brett, Apr 28, 2006.

  1. Brett

    Brett Guest

    Hi, a couple of questions I'm wondering about.

    1/ I want to block/filter internation p2p traffic on my network.

    Is there an easy why to do that?

    1.b/ can I block/filter traffic to just me and my isp?

    2/ could this block/filter work on the p2p's software out going files?

    Smiles
    Brett
     
    Brett, Apr 28, 2006
    #1
    1. Advertising

  2. On Thu, 27 Apr 2006 22:45:49 -0700, Brett wrote:

    > 1/ I want to block/filter internation p2p traffic on my network.
    >
    > Is there an easy why to do that?


    Probaly not without blocking all ports other than the standard ports such
    as 25, 80, etc.


    Have A Nice Cup of Tea

    --
    1/ Migration to Linux only costs money once. Higher Windows TCO is forever.
    2/ "Shared source" is a poison pill. Open Source is freedom.
    3/ Only the Windows boxes get the worms.
     
    Have A Nice Cup of Tea, Apr 28, 2006
    #2
    1. Advertising

  3. Brett

    El Penguino Guest

    On Fri, 28 Apr 2006 18:41:49 +1200, Have A Nice Cup of Tea <>
    wrote:

    >On Thu, 27 Apr 2006 22:45:49 -0700, Brett wrote:
    >
    >> 1/ I want to block/filter internation p2p traffic on my network.
    >>
    >> Is there an easy why to do that?

    >
    >Probaly not without blocking all ports other than the standard ports such
    >as 25, 80, etc.


    Bit torrent works quite happily on port 25 or 80, behind a corporate
    firewall ( ahem, I have heard). You may need something a tad smarter.
     
    El Penguino, Apr 28, 2006
    #3
  4. On Fri, 28 Apr 2006 21:41:23 +1200, El Penguino
    <> wrote:

    >On Fri, 28 Apr 2006 18:41:49 +1200, Have A Nice Cup of Tea <>
    >wrote:
    >
    >>On Thu, 27 Apr 2006 22:45:49 -0700, Brett wrote:
    >>
    >>> 1/ I want to block/filter internation p2p traffic on my network.
    >>>
    >>> Is there an easy why to do that?

    >>
    >>Probaly not without blocking all ports other than the standard ports such
    >>as 25, 80, etc.

    >
    >Bit torrent works quite happily on port 25 or 80, behind a corporate
    >firewall ( ahem, I have heard). You may need something a tad smarter.


    Routers that track the protocol being used, regardless of the port
    number, are readily available. They are not particularly cheap
    though.
     
    Stephen Worthington, Apr 28, 2006
    #4
  5. On Fri, 28 Apr 2006 17:12:12 +0000, Stephen Worthington wrote:

    > Routers that track the protocol being used, regardless of the port
    > number, are readily available. They are not particularly cheap
    > though.


    Are they effective even when the transmissions have been encrypted?


    Have A Nice Cup of Tea

    --
    1/ Migration to Linux only costs money once. Higher Windows TCO is forever.
    2/ "Shared source" is a poison pill. Open Source is freedom.
    3/ Only the Windows boxes get the worms.
     
    Have A Nice Cup of Tea, Apr 28, 2006
    #5
  6. Brett

    Brett Guest

    Have you got an applictaion names in mind that could manage that?
     
    Brett, Apr 29, 2006
    #6
  7. On 28 Apr 2006 20:21:49 -0700, "Brett" <> wrote:

    >Have you got an applictaion names in mind that could manage that?


    No, I am thinking of hardware routers. The usual big-name router
    manufacturers all seem to have this sort of router available.

    But it is quite likely that there is router software out there that
    you can run on a BSD or Linux box that will do this too. Whether
    there is freeware, I do not know - I think it is less likely.
     
    Stephen Worthington, Apr 29, 2006
    #7
  8. On Sat, 29 Apr 2006 10:44:08 +1200, Have A Nice Cup of Tea <>
    wrote:

    >On Fri, 28 Apr 2006 17:12:12 +0000, Stephen Worthington wrote:
    >
    >> Routers that track the protocol being used, regardless of the port
    >> number, are readily available. They are not particularly cheap
    >> though.

    >
    >Are they effective even when the transmissions have been encrypted?
    >
    >
    >Have A Nice Cup of Tea


    That depends on the protocol and where the router is positioned in the
    network. If the router can see the connection packets as the
    encryption is established, then potentially it can see inside
    encrypted connections. I do not know if real routers can do that, as
    I have not used that sort of router myself and have not studied them
    much. If you are really trying to tie things down tightly, then you
    may need to block encrypted connections also, except for ones you want
    to allow where both end IPs are know to the router as being safe.
     
    Stephen Worthington, Apr 29, 2006
    #8
  9. It
    "Stephen Worthington" <34.nz56.remove_numbers> wrote in
    message news:...
    > On 28 Apr 2006 20:21:49 -0700, "Brett" <> wrote:
    >
    >>Have you got an applictaion names in mind that could manage that?

    >
    > No, I am thinking of hardware routers. The usual big-name router
    > manufacturers all seem to have this sort of router available.
    >
    > But it is quite likely that there is router software out there that
    > you can run on a BSD or Linux box that will do this too. Whether
    > there is freeware, I do not know - I think it is less likely.


    It is 100% possible on linux (as I have done it in the past and should be
    reliable enough for most networks
    (Layer 7 Linux)

    Thanks
    Craig
     
    Craig Whitmore, Apr 29, 2006
    #9
  10. Brett

    Brett Guest

    Thanks ALL I see now the direction I have to look. It may need a
    change to P2P software, to have a realtime port trafic report and then
    that report to be blocked or not.

    Now where did I put the $20ooo develpore cheque..
     
    Brett, Apr 29, 2006
    #10
  11. Brett

    Fred Dagg Guest

    On 27 Apr 2006 22:45:49 -0700, "Brett" <>
    exclaimed:

    >Hi, a couple of questions I'm wondering about.
    >
    >1/ I want to block/filter internation p2p traffic on my network.
    >
    >Is there an easy why to do that?
    >
    >1.b/ can I block/filter traffic to just me and my isp?
    >
    >2/ could this block/filter work on the p2p's software out going files?


    You really need an application aware firewall with logging and
    reporting such as Microsoft ISA (NOT ISA2000 - it is crappy).

    It is relatively easy to block P2P using ISA, and a quick skim over
    the reports will indicate whether someone has found a way around it.

    If it is a business, you should also have a Internet Usage Policy that
    clearly and specifically bans P2P use for non-work-related purposes.
     
    Fred Dagg, Apr 30, 2006
    #11
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Dhruv

    stealth-blocking, isp blocking website

    Dhruv, Oct 25, 2004, in forum: Computer Security
    Replies:
    9
    Views:
    3,108
  2. Andrew Watiker

    Blocking P2P on Home Computer

    Andrew Watiker, Jan 24, 2004, in forum: Computer Information
    Replies:
    8
    Views:
    4,243
    Spajky®
    Jan 28, 2004
  3. Replies:
    73
    Views:
    1,430
    jasen
    Sep 22, 2006
  4. David
    Replies:
    48
    Views:
    1,776
    Brendan
    Nov 29, 2006
  5. - Bobb -

    Blocking international websites ?

    - Bobb -, Sep 27, 2010, in forum: Computer Information
    Replies:
    5
    Views:
    514
Loading...

Share This Page