Geekzone: technology news, blogs, forums



122 posts

Master Geek


Topic # 90293 19-Sep-2011 10:49

I got you with the subject header didn't I?  Smile

This isn't so much a post asking for help, but a post to potentially help others out there.

I was looking for a way to stop bittorrent data flowing out of my network.  I was looking at potentially buying a Juniper SRX - I currently use pfsense.
As luck would have it, pfsense has gone to a 2.0 release in the weekend which fixes support for such an application Smile

Have put the rule in and now feel a little more safe Laughing

What are others out there doing?

687 posts

Ultimate Geek

UberGroup

  Reply # 522924 19-Sep-2011 10:54

I give the torrent guys about 3 days to bypass these rules. It's a game of cat and mouse which can never be won




All comments I make are my own personal opinion and do not in any way, shape or form reflect the views of current or former employers unless specifically stated


1482 posts

Uber Geek

Trusted

  Reply # 522926 19-Sep-2011 10:59

How's Skype working though? We use zentyal (software firewall) which is an upgrade on the old ebox platform. We are blocking torrents without a problem but it also kills off Skype as it uses p2p ports :/, which is turning into a bit of a hassle as it's installed at a backpackers.











122 posts

Master Geek


  Reply # 522932 19-Sep-2011 11:05

Good call RE: Skype.  I didn't test that (not that I use it much).

247 posts

Master Geek


  Reply # 523029 19-Sep-2011 14:06

you'll never block torrents... the client software is so flexible nowadays and uses not just tcp
but udp to make connections, you basically would have to block all ports and have nothing working

it's easy for a p2p to find an open port and config the software to bypass firewall hardware or software

let's face it, telecom tried to control it with their hardware filters with big time plan
and had to give up in defeat so i doubt any business or home can control it

if you think you have, you're in a dreamland

it's easy to send traffic over port 80 1720 ftp and any port

use encryption tech and vpn and even easier



122 posts

Master Geek


  Reply # 523055 19-Sep-2011 15:05

Just to clarify, my objective isn't to spend countless hours/days/months trying to stop people using file sharing protocols, but to make it enough of a pain in the a$$ that they will give up or find someone else's network to use - as long as it isn't mine, I don't care Tongue Out

16712 posts

Uber Geek

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 523078 19-Sep-2011 15:35

BigGuy: Just to clarify, my objective isn't to spend countless hours/days/months trying to stop people using file sharing protocols, but to make it enough of a pain in the a$$ that they will give up or find someone else's network to use - as long as it isn't mine, I don't care Tongue Out


Problem is you can't really do a lot to even make it hard - the trackerless UDP protocols will automatically adapt to the network and "just work".

 




*Need help configuring your Linksys ATA or IP Phones for New Zealand? Check my blog post

247 posts

Master Geek


  Reply # 523089 19-Sep-2011 15:46

there's deep packet inspection now but even there, there's tools and ways to encrypt so
filtering that on hardware is pointless

but if they use UDP or uTP as it's called it can expose the real ip
and normally one disables those features on torrent clients so if they wanted
anon browsing then it might make it hard for them

but more likely it will just slow them down e.g. the up and download speeds
since it will find fewer peers and seeders to connect with

i remember talking to a whiz kid in usa who invented the first cracking pc
it used 4 geforce GPU for number crunching, in effect like having
a portable super computer for maths
for wireless lans where it could crack 200 connections in under 5 minutes
there's a lot of bright sparks out there that know more
than the average highly paid net admin

he did say only use psk-2 with a very long
password was the hardest to crack and impossible to crack
with a good password with bruteforce as it takes too long
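
An added illustration of the port-versus-payload point argued in the replies above (not posted by anyone in this thread, and not pfSense's or any vendor's filter): a port-only rule is compared with a payload-signature check over the first packet of each flow. The sample flows, peer ID, node ID and port numbers are constructed for the example.

```python
import hashlib
import re

# Plaintext peer handshake: length byte 19, then the protocol name.
BT_HANDSHAKE = b"\x13BitTorrent protocol"
# Mainline DHT (trackerless) messages are bencoded dicts carrying a
# transaction id "t" and a message type "y" of q, r or e.
DHT_TYPE = re.compile(rb"1:y1:[qre]")
CLASSIC_PORTS = range(6881, 6890)  # the range a port-only rule usually names


def port_rule(dport: int) -> bool:
    """Port-only filter: True when the flow would be blocked."""
    return dport in CLASSIC_PORTS


def classify(proto: str, payload: bytes) -> str:
    """Payload filter: label the first packet of a flow."""
    if proto == "tcp" and payload.startswith(BT_HANDSHAKE):
        return "bt-handshake"
    if (proto == "udp" and payload.startswith(b"d") and payload.endswith(b"e")
            and b"1:t" in payload and DHT_TYPE.search(payload)):
        return "bt-dht"
    return "unknown"


# Constructed samples: (protocol, destination port, first payload bytes).
HANDSHAKE = BT_HANDSHAKE + bytes(8) + b"H" * 20 + b"-XX0001-constructed0"
DHT_PING = b"d1:ad2:id20:" + b"N" * 20 + b"e1:q4:ping1:t2:aa1:y1:qe"
OPAQUE = hashlib.sha256(b"constructed encrypted stream").digest() * 2
SAMPLES = [
    ("tcp", 6881, HANDSHAKE),   # classic port, plaintext handshake
    ("tcp", 80, HANDSHAKE),     # same handshake moved to port 80
    ("udp", 51413, DHT_PING),   # trackerless DHT query
    ("tcp", 443, OPAQUE),       # encrypted stream: no signature to match
    ("tcp", 80, b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"),
]


def evaluate(samples=SAMPLES):
    """Return (blocked_by_port_rule, payload_label) for each sample flow."""
    return [(port_rule(port), classify(proto, data))
            for proto, port, data in samples]


if __name__ == "__main__":
    for (proto, port, _), (blocked, label) in zip(SAMPLES, evaluate()):
        print(f"{proto}/{port:<5} port-rule-blocks={blocked!s:<5} payload={label}")
```

The port rule catches only the first flow, the payload check also catches the port-80 handshake and the DHT query, and the encrypted flow is labelled unknown by both.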


