North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: blocking peer-to-peer filesharing programs

  • From: Andy Walden
  • Date: Mon Dec 10 16:19:10 2001


On Mon, 10 Dec 2001 dani-post@roisman.com wrote:

>
> I realize this may be a touchy subject.  For legal purposes I'll state that I'm making these inquiries as an academic excercize, as well as to enable me to block peer-to-peer programs on my own personal home network. The last thing I'd want to do is rob anyone of their free speech or "rights" to distribute illegal copies of copyrighted material.
>
> Anyway... I'm interested in developing and studying comprehensive firewall and content-filtering techniques for disabling peer-to-peer filesharing applications (e.g. those using gnutella, fasttrack, other napster-style directory and download engines or stacks).  If anyone knows of a mailing list / user group that has similar interests, or if you have similar interests, please email me off-list.

Since ports and apps are always changing, you would probably have to use a
mixture of ports and layer-7 information. Perhaps using some sort of
content switch or finding people who do is the answer.

For your "home network", may I suggest that you just turn off all the
ports, except for the obvious ones, and then be available to field
complaints (from your children presumably) for other application specific
ports that are justifiable for your network. I think you will find the the
list of "legitimate" ports to be much short then the alternative.


andy
--
PGP Key Available at http://www.tigerteam.net/andy/pgp