Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




3405 posts

Uber Geek
+1 received by user: 687

Trusted

Topic # 89347 31-Aug-2011 16:10
Send private message

hi guys, 

im wanting to upgrade my router (its starting to crap out) and im wanting one that can do
- dual band 802.11g and 802.11n
- DHCP
- gigabit
- adsl2+ (possible vdsl for future proof, havent done much reading on this though)
- block torrents on on certain machines (based on mac address or something, i sometimes download linux distros through torrents, but dont want someone on my wireless downloading stuff they shouldnt)
- preferably with internal aerials
- the more network ports the better

any suggestions?

TIA
 

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
27270 posts

Uber Geek
+1 received by user: 6699

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 514568 31-Aug-2011 16:25
Send private message

You can't fully block torrents, no matter what hardware you buy.


2027 posts

Uber Geek
+1 received by user: 791

Trusted

  Reply # 514571 31-Aug-2011 16:30
Send private message

sbiddle: You can't fully block torrents, no matter what hardware you buy.



Yea you can.  Put a firewall in their way so they can do nothing.  But put a squid proxy somewhere on the network you control that is allowed out on certain ports.  Force the end-user through the proxy.

Doing this you can allow HTTP/HTTPS and limited access to Instant Messengers and stuff.

This'll also cause problems with many normal things like ssh, ftp, imap/pop/smtp etc, all of which you can work around on a limited whitelist basis (only allow IMAP access to Telecom's ranges etc)

But you can do it.




It looks like I'm using an adblocker. I should consider whitelisting Geekzone in my adblocker or a subscription. The Quick Reply box will appear for me when Geekzone is whitelisted. Hooray for me! If I want to reply to this topic I should click on Compose Reply.


 
 
 
 


341 posts

Ultimate Geek
+1 received by user: 26

Trusted

  Reply # 514575 31-Aug-2011 16:36
Send private message

Most torrent clients have built-in systems to detect attempts at blocking torrents and work around them (e.g. putting all their torrents SSLed over port 443).

The only real way to work around this is with some hefty deep packet inspection, for which you need a full-on UTM/Firewall appliance like a Cyberoam. I'm not aware of any decent ones sub-$500.

2027 posts

Uber Geek
+1 received by user: 791

Trusted

  Reply # 514578 31-Aug-2011 16:42
Send private message

theEd: Most torrent clients have built-in systems to detect attempts at blocking torrents and work around them (e.g. putting all their torrents SSLed over port 443).

The only real way to work around this is with some hefty deep packet inspection, for which you need a full-on UTM/Firewall appliance like a Cyberoam. I'm not aware of any decent ones sub-$500.


How many people sharing torrents have their client listening for incoming connections on port 443?  I'm going to guess not many (most torrent clients I've seen try to listen port 1024 and above.)

You can always disable SSL on your proxy, or whitelist on a case-by-case basis if that was to actually work (which I very much doubt, but yes, it is a valid escape vector)




It looks like I'm using an adblocker. I should consider whitelisting Geekzone in my adblocker or a subscription. The Quick Reply box will appear for me when Geekzone is whitelisted. Hooray for me! If I want to reply to this topic I should click on Compose Reply.


Murray River
4316 posts

Uber Geek
+1 received by user: 1270

Trusted
Subscriber

  Reply # 514579 31-Aug-2011 16:44
Send private message

And so it begins...

2027 posts

Uber Geek
+1 received by user: 791

Trusted

  Reply # 514595 31-Aug-2011 17:07
Send private message

Apologies, reven, I realise I've probably taken your post offtopic a little bit.

Steve's right in that there's no simple easy way to do this, especially not a little ADSL router that'll just have a "stop torrents" option. If you really want to try and stop torrents you'll need to get rather indepth (as I've posted) about, otherwise there's really not a lot you can do, short of buying some very expensive hardware!

Sorry!




It looks like I'm using an adblocker. I should consider whitelisting Geekzone in my adblocker or a subscription. The Quick Reply box will appear for me when Geekzone is whitelisted. Hooray for me! If I want to reply to this topic I should click on Compose Reply.


xpd

Chief Trash Bandit
9146 posts

Uber Geek
+1 received by user: 1443

Mod Emeritus
Trusted
Lifetime subscriber

  Reply # 514644 31-Aug-2011 19:09
Send private message

Some routers might (I havent seen any personally) let you block by filename, just block *.torrent files for a start, but as the others have said, without buying extra hardware firewalls etc, youre kinda limited to what you can do.

Buy a cheap box, put a decent proxy on it......




XPD / Gavin / DemiseNZ

 

Server : i3-3240 @ 3.40GHz  16GB RAM  Win 10 Pro    Workstation : i5-xxxx @ x.xxGHz  16GB RAM  Win 10 pro    Console : Xbox One

 

https://www.xpd.co.nz - Games, geeks, and more.    




3405 posts

Uber Geek
+1 received by user: 687

Trusted

  Reply # 514714 31-Aug-2011 21:13
Send private message

thanks guys, i thought there might have been some custom firmware that could do this. i noticed my brothers laptop had a torrent client open all the time and quickly uninstalled this the other day, but i dont really have control if someone else installs it again.

this law really is a bitch, the internet is under my name, but i cant really stop someone else using it, i was hoping a router would with a normal open mode and a "guest" sub network with limited access to only do a small number of things.

480 posts

Ultimate Geek
+1 received by user: 87


  Reply # 514725 31-Aug-2011 21:33
Send private message

Just use a proxy server to D/L ur dodgy stuff google is your friend here. Or setup a box and spends weeks setting it up to block everything and open things you need as you go.

1067 posts

Uber Geek
+1 received by user: 227

Trusted

  Reply # 514731 31-Aug-2011 21:40
Send private message

torrents work fine on port 80... i'm just saying :)

yeah the only quick fix solution I could think of: find as many torrent sites and block them - user cannot access - wont download (also block .torrent extension).




helping others at evgenyk.nz


27270 posts

Uber Geek
+1 received by user: 6699

Moderator
Trusted
Biddle Corp
Lifetime subscriber

  Reply # 514741 31-Aug-2011 21:55
Send private message

kobiak: torrents work fine on port 80... i'm just saying :)

yeah the only quick fix solution I could think of: find as many torrent sites and block them - user cannot access - wont download (also block .torrent extension).


Blocking .torrent files is about as effective as putting a sign up at the pool telling people not to do number 1's in the pool. It makes people feel good but is totally ineffective.

To block torrenting you need to take a two fold approach, firstly by targeting the trackers which are the weakest link. If you can stop these from initializing you're part of the way there. Of course you've then got trackerless P2P to deal with which can at present be limited by some fancy DNS redirects.


5290 posts

Uber Geek
+1 received by user: 2318

Trusted
Lifetime subscriber

  Reply # 514749 31-Aug-2011 22:07
Send private message

Some Draytek routers can be set to limit number of simultaneous connections, thus limiting the effectiveness of torrents.




Chorus has spent $1.4 billion on making their xDSL broadband network faster. If your still stuck on ADSL or VDSL, why not spend from $150 on a master filter install to make sure you are getting the most out of your connection?
I install - Naked DSL, DSL Master Splitters, VoIP, data cabling and general computer support for home and small business.
Rural Broadband RBI installer for Ultimate Broadband and Full Flavour

 

Need help in Auckland, Waikato or BoP? Click my email button, or email me direct: [my user name] at geekzonemail dot com


8027 posts

Uber Geek
+1 received by user: 387

Trusted
Subscriber

  Reply # 514784 1-Sep-2011 01:30
Send private message

coffeebaron: Some Draytek routers can be set to limit number of simultaneous connections, thus limiting the effectiveness of torrents.


Only takes 1 connection for your ip address to be detected connecting to a public tracker/swarm which anti infringement companies have also connected to and are recording all ip addresses.

4474 posts

Uber Geek
+1 received by user: 849

Trusted
Lifetime subscriber

  Reply # 514785 1-Sep-2011 01:56
Send private message

reven: hi guys, 

im wanting to upgrade my router (its starting to crap out) and im wanting one that can do
- dual band 802.11g and 802.11n
- DHCP
- gigabit
- adsl2+ (possible vdsl for future proof, havent done much reading on this though)
- block torrents on on certain machines (based on mac address or something, i sometimes download linux distros through torrents, but dont want someone on my wireless downloading stuff they shouldnt)
- preferably with internal aerials
- the more network ports the better

any suggestions?

TIA
 


if you are so concerned with the new law, why not using VPN on the router itself.. you can get cloakbox or get router that support DD-WRT to use Astrill VPN







3405 posts

Uber Geek
+1 received by user: 687

Trusted

  Reply # 514979 1-Sep-2011 11:52
Send private message

nakedmolerat:
reven: hi guys, 

im wanting to upgrade my router (its starting to crap out) and im wanting one that can do
- dual band 802.11g and 802.11n
- DHCP
- gigabit
- adsl2+ (possible vdsl for future proof, havent done much reading on this though)
- block torrents on on certain machines (based on mac address or something, i sometimes download linux distros through torrents, but dont want someone on my wireless downloading stuff they shouldnt)
- preferably with internal aerials
- the more network ports the better

any suggestions?

TIA
 


if you are so concerned with the new law, why not using VPN on the router itself.. you can get cloakbox or get router that support DD-WRT to use Astrill VPN


im not worried about the law for myself, and dont want to slow down my internet for every computer, im worried about other computers connecting to my network that i dont admin.  for instance my brothers computer or his gfs computer.  i cant ensure those computers are using a proxy or dont have a torrent client installed.
i was hoping i could only allow them to connect to a guest subnetwork (ive read some routers can have a second limited guest network) which i could block torrents etc from, and only give them the password for that network.
also i dont really want to put everything through a vpn, wouldnt trust online banking through a vpn etc 

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Geekzone Live »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.