Re: KaZaA/Morpheus and other file sharing
Possibly a better option:
Place a bandwidth cap on users who are taking more then their
"fair share" of network bandwidth. I believe this can be done
with iptables, although that's out of my area of knowledge for
the moment.
Ex:
Allow brief "spikes" of bandwidth usage, but add a cap'ing rule to
users who consistantly are above some threshold of bandwidth usage.
A good reason to do this, instead of port blocking/filtering:
(1) random failures of legit apps that bind to that port (1214 for
FastTrack-based apps, morpheus, etc) at random (1024+ port nums)
(2) Apps with clever developers that allow nodes on the peer-to-peer
network to use "random" port numbers. Freenet already does this, and
more apps will in the future, as admins (yourself included) try to limit
bandwidth by port. You'll have to do it eventually - you might as well
take effective action now, instead of having to do it right in a few
months.
On Sat, Oct 13, 2001 at 05:37:03PM -0300, Alvaro Reguly wrote:
>
> Hello, I want to filter out KaZaA/Morpheus
> IMesh gnutella and the like from our administrative LAN.
>
> I do not want our users to connect to those services and if that is not
> possible I want them to not serve any files.
>
> Does anyone here knows what are the correct ports/protocols
> for those services ?
>
>
> Thanks in advance.
>
> A. Reguly
>
>
> --
> To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: