I'm the supervisor of a boarding hostel. We have Server 2000 running Kerio WinRoute proxy server, and users must put in the proxy server's address to get the internet. I'm trying to stop these high school kids from wasting bandwidth using LimeWire, BitTorrent etc., which is turning out to be a nightmare!
Kerio doesn't seem to be able to block ports; it lets any traffic through, it's pretty damn simple!! It's the older version 4; the hostel can't afford to upgrade to version 6 (going to be over $1k to do so).
I have a 3Com ADSL router (the latest firmware on the router is installed) which I recently found offers this feature. Great, I thought, so I went and blocked every port except HTTP, SMTP, POP3, MSN and Yahoo Messenger. The problem now is that the internet locks up after 10 mins of activity, so it needs to be reset before it will work again. The router hasn't locked up, just the internet; it still thinks it's connected but isn't. Upon inspecting the logs, the router is getting hammered by a port scanner (probably uTorrent or LimeWire looking for a free port); the router obviously can't handle such things. So the search continues.
Does anyone know of a decent proxy server or cheap method that will handle blocking thousands of ports, getting port scanned etc.? I wouldn't have thought it would be this hard; surely a lot of people have this problem.
I've looked online but can't find a good method. Kerio seemed to be good at handling the internet sharing up until I decided that port blocking needed to be done. I've tried UserGate and WinProxy as well; neither offers a good enough program.
Here is a snippet of the log. It doesn't really show much, I know. I'll post a better one later once I implement the rule again (had to turn it off as there were too many whiners knocking on my door due to no internet connection).
02/20/2008 20:09:39 Reject packet from 192.168.0.2:47392 to 60.28.197.35:28221
02/20/2008 20:09:39 Reject packet from 192.168.0.2:47391 to 58.251.60.66:12000
02/20/2008 20:09:37 Reject packet from 192.168.0.2:47390 to 72.51.37.237:8899
02/20/2008 20:09:25 Reject packet from 192.168.0.2:47389 to 66.199.250.170:8911
02/20/2008 20:09:19 Reject packet from 192.168.0.2:47388 to 219.239.90.172:28221
02/20/2008 20:09:11 Reject packet from 192.168.0.2:47381 to 60.28.197.35:28221
02/20/2008 20:09:09 Reject packet from 192.168.0.2:47378 to 72.51.37.237:8899
02/20/2008 20:08:57 Reject packet from 192.168.0.2:47374 to 66.199.250.170:8911
02/20/2008 20:08:51 Reject packet from 192.168.0.2:47373 to 219.239.90.172:28221
02/20/2008 20:08:43 Reject packet from 192.168.0.2:47372 to 60.28.197.35:28221
02/20/2008 20:08:41 Reject packet from 192.168.0.2:47371 to 72.51.37.237:8899
02/20/2008 20:00:51 Reject packet from 192.168.0.2:47365 to 66.199.250.170:8911
02/20/2008 20:00:45 Reject packet from 192.168.0.2:47363 to 219.239.90.172:28221
02/20/2008 20:00:37 Reject packet from 192.168.0.2:47361 to 60.28.197.35:28221
02/20/2008 20:00:35 Reject packet from 192.168.0.2:47360 to 72.51.37.237:8899
02/20/2008 20:00:33 Reject packet from 192.168.0.2:47359 to 66.199.250.170:8911
02/20/2008 20:00:27 Reject packet from 192.168.0.2:47357 to 219.239.90.172:28221
02/20/2008 20:00:26 Reject packet from 192.168.0.2:47356 to 66.199.250.170:8911
02/20/2008 20:00:26 If(PVC1) PPP connection ok !
02/20/2008 20:00:25 Username and Password: OK
02/20/2008 20:00:19 PVC1 start PPP
02/20/2008 20:00:19 ADSL Media Up !
02/20/2008 20:00:02 WLAN TEST.....................PASS
02/20/2008 20:00:02 WAN ADSL TEST.................PASS
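
One way to see which internal address and which destinations account for the rejects in a router log like the one above (an added example, not part of the original post; the function names and the `max_targets` threshold are assumptions, and the sample lines are copied from the log in the post):

```python
import re
from collections import Counter, defaultdict

# Shape of the reject entries in the router log shown in the post.
REJECT = re.compile(
    r"^(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}) Reject packet from "
    r"(\d+\.\d+\.\d+\.\d+):(\d+) to (\d+\.\d+\.\d+\.\d+):(\d+)$"
)

def summarize(lines):
    """Group rejected packets by internal source address.

    Returns {src_ip: {"total": n, "targets": Counter({(dst_ip, dst_port): n})}}.
    Non-reject lines (PPP status, self-tests) are skipped.
    """
    summary = defaultdict(lambda: {"total": 0, "targets": Counter()})
    for line in lines:
        m = REJECT.match(line.strip())
        if not m:
            continue
        _ts, src, _sport, dst, dport = m.groups()
        summary[src]["total"] += 1
        summary[src]["targets"][(dst, int(dport))] += 1
    return dict(summary)

def looks_like_retries(entry, max_targets=10):
    """Assumed heuristic: a small set of destinations hit more than once
    suggests retries to fixed peers rather than a sweep across many ports."""
    targets = entry["targets"]
    return len(targets) <= max_targets and entry["total"] > len(targets)

# Sample lines copied from the log in the post.
SAMPLE = [
    "02/20/2008 20:09:39 Reject packet from 192.168.0.2:47392 to 60.28.197.35:28221",
    "02/20/2008 20:09:39 Reject packet from 192.168.0.2:47391 to 58.251.60.66:12000",
    "02/20/2008 20:09:37 Reject packet from 192.168.0.2:47390 to 72.51.37.237:8899",
    "02/20/2008 20:09:25 Reject packet from 192.168.0.2:47389 to 66.199.250.170:8911",
    "02/20/2008 20:09:19 Reject packet from 192.168.0.2:47388 to 219.239.90.172:28221",
    "02/20/2008 20:09:11 Reject packet from 192.168.0.2:47381 to 60.28.197.35:28221",
    "02/20/2008 20:00:25 If(PVC1) PPP connection ok !",
]

if __name__ == "__main__":
    for src, entry in summarize(SAMPLE).items():
        print(src, entry["total"], "rejects, retries:", looks_like_retries(entry))
        for (dst, port), n in entry["targets"].most_common():
            print(f"  {dst}:{port} x{n}")
```

If every reject comes from a single address that is the proxy server itself, the per-user source has to be found in the proxy's own logs rather than the router's.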