Get Some
General => Technology & Hardware => Topic started by: mattnz on January 10, 2013, 08:45:46 pm
-
So what sort of hardware do I need to block P2P traffic as completely as possible? i.e. more than blocking ports, putting the brakes on people downloading crazy data.
It's in a motel situation, and I need to do work, whereas the proprietors are concerned about copyright infringement. I have the technical skills to be able to set a system up, but I'm no network engineer, so would appreciate any input.
-
Not strictly speaking my area of expertise, but the short answer is WAY more than they are going to want to spend.
The much cheaper option is buy something like a Zenbu router, and give out free access vouchers to customers.
-
Or you could put a Smoothwall or other firewall PC, or even install it on a Raspberry Pi, and place it between the router and WAN link/internet link.
-
Matt - 'Untangle' appliance.
http://www.untangle.com/
Have one @ work for network QoS and it's a no-brainer. The Application Control module should do what you want.
-
^They look pretty awesome
-
Yeah, thought it might be a bit expensive/technical. Ah well, just gives me an excuse not to work, thanks :D
-
The Problem:
It is simply not possible to rely on port numbers in order to determine what applications are running on a network. Standard applications can run on non-standard ports, malicious or bandwidth hungry applications can run on random ports or standard ports pretending to be another application, and some applications spawn child connections on random ports. Making network infrastructure decisions or enforcing Quality of Service becomes impossible without knowing exactly what’s running on the network.
Exinda Layer 7 Discovery:
Exinda uses L7 signatures in conjunction with advanced pattern matching technology and proprietary connection analysis technology to discover applications at layer 7. The L7 discovery system provides the following benefits.
- Discovery of applications running on non-standard ports (e.g. HTTP over ports other than 80).
- Discovery of applications using seemingly random ports (e.g. P2P).
- Discovery of applications pretending to be another application by deliberately using standard ports (e.g. P2P, streaming, IM over HTTP, port 80).
- Discovery of applications that spawn child connections on random ports (e.g. FTP, SIP).
- Discovery of applications that are fully encrypted like BitTorrent and Skype.
Blocking ports will stop some traffic, but Matt's post said he wanted something that goes beyond that. Something like an Exinda appliance, and they are 5-6 figures.
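The port-versus-payload point in the quoted Exinda text, as an added example that is not part of the original post and is not Exinda's code: a minimal Python classifier that compares a port-table guess with a first-packet signature match. The flows, port table and function names are constructed for illustration.

```python
import re

# Port table of the kind a port-only firewall rule relies on (assumed values).
PORT_MAP = {80: "http", 443: "tls", 6881: "bittorrent"}

# Plaintext BitTorrent peer handshake: length byte 19, then the protocol string.
BT_HANDSHAKE = b"\x13BitTorrent protocol"
HTTP_REQUEST = re.compile(rb"^(GET|POST|HEAD|PUT|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r\n")

def classify_by_port(dst_port):
    return PORT_MAP.get(dst_port, "unknown")

def classify_by_payload(payload):
    """Classify a flow from the first bytes the client sends."""
    if payload.startswith(BT_HANDSHAKE):
        return "bittorrent"
    if HTTP_REQUEST.match(payload):
        return "http"
    # TLS record: type 0x16 (handshake), major version 3, ClientHello (0x01).
    if len(payload) > 5 and payload[0] == 0x16 and payload[1] == 0x03 and payload[5] == 0x01:
        return "tls"
    # Fully encrypted or obfuscated payloads land here: a byte signature cannot
    # see them, so they need connection-behaviour analysis instead.
    return "unknown"

def compare(flows):
    """Return (port, port_guess, payload_guess) for flows where the two disagree."""
    out = []
    for port, payload in flows:
        by_port, by_payload = classify_by_port(port), classify_by_payload(payload)
        if by_port != by_payload:
            out.append((port, by_port, by_payload))
    return out

# Constructed sample flows (not captured traffic).
HTTP_GET = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"
BT_HELLO = BT_HANDSHAKE + bytes(8) + b"\xaa" * 20 + b"-XX0000-" + b"0" * 12
SAMPLE_FLOWS = [
    (80, HTTP_GET),                  # standard app, standard port
    (8080, HTTP_GET),                # standard app, non-standard port
    (80, BT_HELLO),                  # P2P on port 80
    (51413, BT_HELLO),               # P2P on a random port
    (6881, bytes(range(0x80, 0xA0))) # opaque bytes on a well-known P2P port
]

if __name__ == "__main__":
    for port, by_port, by_payload in compare(SAMPLE_FLOWS):
        print(f"port {port}: port table says {by_port}, payload says {by_payload}")
```
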
-
Or you could look at http://www.clearfoundation.com/Software/overview.html , which offers a layer 7 filter, is very usable, and appears to be free.....