Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.



163 posts

Master Geek
+1 received by user: 23


Topic # 90293 19-Sep-2011 10:49 Send private message

I got you with the subject header didn't I?  Smile

This isnt so much a post asking for help, but a post to potentially help others out there.

I was looking for a way to stop bittorrent data flowing out of my network.  I was looking at potentially buying a Juniper SRX - I currently use pfsense.
As luck would have it, pfsense has gone to a 2.0 release  in the weekend which fixes support for such an application Smile

Have put the rule in and now feel a little more safe Laughing

What are others out there doing?

Create new topic
766 posts

Ultimate Geek
+1 received by user: 38

UberGroup

  Reply # 522924 19-Sep-2011 10:54 Send private message

I give the torrent guys about 3 days to bypass these rules. It's a game of cat and mouse which can never be won




All comment's I make are my own personal opinion and do not in any way, shape or form reflect the views of current or former employers unless specifically stated 


1626 posts

Uber Geek
+1 received by user: 23

Trusted

  Reply # 522926 19-Sep-2011 10:59 Send private message

Hows skype working though? We use zentyal (software firewall) which is an upgrade on the old ebox platform. We are blocking torrents without a problem but it also kills off skype as it uses p2p ports :/, which is turning into a bit of a hassle as its installed at a backpackers.



163 posts

Master Geek
+1 received by user: 23


  Reply # 522932 19-Sep-2011 11:05 Send private message

Good call RE: Skype.  I didn't test that (not that I use it much).

318 posts

Ultimate Geek
+1 received by user: 3


  Reply # 523029 19-Sep-2011 14:06 Send private message

your never block torrents... the client software is so flexible now days and uses not just tcp
but udp to make connections you basivally would have to block all ports and have nothing working

its easy for a p2p to find a open port and config the software to bypass firewall hardware or software

lets face it telecom tried to control it with their hardware filters with big time plan
and have to give up in defeat so i doubt any business or home can control it

if you think you have your in a dreamland

its easy to send traffic over port 80 1720 ftp and any port

use encryption tech and vpn and even easier



163 posts

Master Geek
+1 received by user: 23


  Reply # 523055 19-Sep-2011 15:05 Send private message

Just to clarify, my objective isn't to spend countless hours/days/months trying to stop people using file sharing protocols, but to make it enough of a pain in the a$$ that they will give up or find someone else's network to use - as long as it isn't mine, I don't care Tongue Out

18571 posts

Uber Geek
+1 received by user: 736

Moderator
Trusted
Biddle Corp
Subscriber

  Reply # 523078 19-Sep-2011 15:35 Send private message

BigGuy: Just to clarify, my objective isn't to spend countless hours/days/months trying to stop people using file sharing protocols, but to make it enough of a pain in the a$$ that they will give up or find someone else's network to use - as long as it isn't mine, I don't care Tongue Out


Problem is you can't really do a lot to even make it hard - the trackerless UDP protocols will automatically adapt to the network and "just work".

 

318 posts

Ultimate Geek
+1 received by user: 3


  Reply # 523089 19-Sep-2011 15:46 Send private message

theres deep packet inspection now but even theres tools and ways to encrypt so
filtering that on hardware is pointless

but if they use UDP or uTP as its called it can expose the real ip
and normally one disables those features on torrent clients so if they wanted
anon browsing then it might make it hard for them

but more likely it just slow them down e.g. the up and download speeds
since it will find less peers and seeders to connect with

i remember talking to a whiz kid in usa who invented the first cracking pc
it used 4 geforce GPU for number crunching inaffect like having
a portable super computer for maths
for wireless lans where it could crack 200 connections in under 5minutes
theres a lot of bright sparks out there that know more
then the average highly paid net admin

he did say only use psk-2 with a very long
password was the hardest to crack and impossibleto crack
with a good password with bruteforce as it take to long



Create new topic








Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when new jobs are posted to our jobs board:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »

Trending now »
Hot discussions in our forums right now:

Telecom introduces unlimited broadband data plan
Created by freitasm, last reply by joker97 on 23-Apr-2014 21:31 (77 replies)
Pages... 4 5 6


Stonedine
Created by Lizard1977, last reply by surfisup1000 on 23-Apr-2014 21:27 (58 replies)
Pages... 2 3 4


Telecom has started metering their TiVo customers' broadband usage (WITHOUT PRENOTIFICATION)
Created by Peteriv, last reply by mxpress on 23-Apr-2014 14:22 (69 replies)
Pages... 3 4 5


Forms of government for New Zealand
Created by charsleysa, last reply by KiwiNZ on 23-Apr-2014 20:57 (169 replies)
Pages... 10 11 12


Parallel imported product
Created by Wills1, last reply by joker97 on 23-Apr-2014 21:01 (53 replies)
Pages... 2 3 4


Labour MP Shane Jones to step down
Created by jeffnz, last reply by jeffnz on 23-Apr-2014 20:41 (32 replies)
Pages... 2 3


Upcoming Freeview Restack AUCKLAND
Created by Brunzy, last reply by richms on 23-Apr-2014 21:05 (13 replies)

Paywave unauthorised transaction
Created by Ford, last reply by Jase2985 on 23-Apr-2014 17:13 (69 replies)
Pages... 3 4 5



Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.