View Single Post
  #3   (View Single Post)  
Old 2nd July 2008
robbak's Avatar
robbak robbak is offline
Real Name: Robert Backhaus
VPN Cryptographer
 
Join Date: May 2008
Location: North Queensland, Australia
Posts: 366
Default

You are on a loser if you want to block all p2p. p2p systems (with the exception of bittorent, which is designed as a legitimate way to transfer legal files) try to act as standard traffic, often using the http ports in normal ways: Allow http and you allow p2p too.

Of course, what you require is a check-box solution to convince a PHB that you are doing that, so all you need is some harmless block out rules on a few common ports. Totally ineffective, or course, but that is a feature, not a bug.

(I am sorry if this came across as an insult to anyone: It was merely a statement of fact (or maybe opinion): blocking all p2p without blocking normal traffic is not possible: encryption and abusing common port numbers (25, 80, 443, 110...) will get you through.)
__________________
The only dumb question is a question not asked.
The only dumb answer is an answer not given.

Last edited by robbak; 4th July 2008 at 02:12 AM. Reason: Fixing spelling mistake, and adding disclaimer.
Reply With Quote