Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.



184 posts

Master Geek
+1 received by user: 24


Topic # 90293 19-Sep-2011 10:49 Send private message

I got you with the subject header didn't I?  Smile

This isnt so much a post asking for help, but a post to potentially help others out there.

I was looking for a way to stop bittorrent data flowing out of my network.  I was looking at potentially buying a Juniper SRX - I currently use pfsense.
As luck would have it, pfsense has gone to a 2.0 release  in the weekend which fixes support for such an application Smile

Have put the rule in and now feel a little more safe Laughing

What are others out there doing?

Create new topic
785 posts

Ultimate Geek
+1 received by user: 44

UberGroup

  Reply # 522924 19-Sep-2011 10:54 Send private message

I give the torrent guys about 3 days to bypass these rules. It's a game of cat and mouse which can never be won




All comment's I make are my own personal opinion and do not in any way, shape or form reflect the views of current or former employers unless specifically stated 


1681 posts

Uber Geek
+1 received by user: 35

Trusted

  Reply # 522926 19-Sep-2011 10:59 Send private message

Hows skype working though? We use zentyal (software firewall) which is an upgrade on the old ebox platform. We are blocking torrents without a problem but it also kills off skype as it uses p2p ports :/, which is turning into a bit of a hassle as its installed at a backpackers.



184 posts

Master Geek
+1 received by user: 24


  Reply # 522932 19-Sep-2011 11:05 Send private message

Good call RE: Skype.  I didn't test that (not that I use it much).

340 posts

Ultimate Geek
+1 received by user: 3


  Reply # 523029 19-Sep-2011 14:06 Send private message

your never block torrents... the client software is so flexible now days and uses not just tcp
but udp to make connections you basivally would have to block all ports and have nothing working

its easy for a p2p to find a open port and config the software to bypass firewall hardware or software

lets face it telecom tried to control it with their hardware filters with big time plan
and have to give up in defeat so i doubt any business or home can control it

if you think you have your in a dreamland

its easy to send traffic over port 80 1720 ftp and any port

use encryption tech and vpn and even easier



184 posts

Master Geek
+1 received by user: 24


  Reply # 523055 19-Sep-2011 15:05 Send private message

Just to clarify, my objective isn't to spend countless hours/days/months trying to stop people using file sharing protocols, but to make it enough of a pain in the a$$ that they will give up or find someone else's network to use - as long as it isn't mine, I don't care Tongue Out

19233 posts

Uber Geek
+1 received by user: 1104

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 523078 19-Sep-2011 15:35 Send private message

BigGuy: Just to clarify, my objective isn't to spend countless hours/days/months trying to stop people using file sharing protocols, but to make it enough of a pain in the a$$ that they will give up or find someone else's network to use - as long as it isn't mine, I don't care Tongue Out


Problem is you can't really do a lot to even make it hard - the trackerless UDP protocols will automatically adapt to the network and "just work".

 

340 posts

Ultimate Geek
+1 received by user: 3


  Reply # 523089 19-Sep-2011 15:46 Send private message

theres deep packet inspection now but even theres tools and ways to encrypt so
filtering that on hardware is pointless

but if they use UDP or uTP as its called it can expose the real ip
and normally one disables those features on torrent clients so if they wanted
anon browsing then it might make it hard for them

but more likely it just slow them down e.g. the up and download speeds
since it will find less peers and seeders to connect with

i remember talking to a whiz kid in usa who invented the first cracking pc
it used 4 geforce GPU for number crunching inaffect like having
a portable super computer for maths
for wireless lans where it could crack 200 connections in under 5minutes
theres a lot of bright sparks out there that know more
then the average highly paid net admin

he did say only use psk-2 with a very long
password was the hardest to crack and impossibleto crack
with a good password with bruteforce as it take to long



Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »

Trending now »
Hot discussions in our forums right now:

Hierarchy of a mistake: Gerry Brownlee
Created by joker97, last reply by sir1963 on 25-Jul-2014 20:14 (64 replies)
Pages... 3 4 5


Geekzone giveaway: Thecus N2310 NAS
Created by freitasm, last reply by darkasdes2 on 25-Jul-2014 20:04 (87 replies)
Pages... 4 5 6


MH 17 "shot down" all dead
Created by joker97, last reply by ScuL on 24-Jul-2014 21:40 (203 replies)
Pages... 12 13 14


Is chorus going to deliberately slow adsl internet down
Created by rugrat, last reply by NZCrusader on 25-Jul-2014 18:56 (50 replies)
Pages... 2 3 4


Sickening floral smell in car, What next?
Created by TimA, last reply by Journeyman on 25-Jul-2014 16:39 (41 replies)
Pages... 2 3


Huge Fuss, didn't even make it a year.
Created by networkn, last reply by Glassboy on 22-Jul-2014 19:50 (121 replies)
Pages... 7 8 9


Skinny's new aggressive ad campaign
Created by Yabanize, last reply by Yabanize on 22-Jul-2014 23:35 (52 replies)
Pages... 2 3 4


Giving notice
Created by IlDuce, last reply by kharris on 24-Jul-2014 17:36 (15 replies)


Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.