What's new

Blocking P2P

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

beengone

Occasional Visitor
I've spent a ton of time reading all over about blocking P2P traffic. I have a client who received a notice that someone on their network was sharing out illegal content. So, now I need to find a way to stop that from happening again. From what I've read it may be impossible to really make this happen due to variable ports, encryption, etc. used by many modern P2P clients. From what I've read there are a few courses of action, could someone confirm or write up a short, simple article on the most effective way to block P2P traffic? Here's what I think I know:

  1. Block applications if possible. New clients mean additions to the list.
  2. Block trackers. This only works if the client uses trackers.
  3. Use QoS rules to throttle use. Doesn't really protect an open network owner, just slows down transfers.

I'm sure I must be missing something somewhere, but can't find anything else helpful. I'm thinking about just blocking all but ports 80, 443, 25, 587 and a handful of others for the guest vlan. Is that what many of you do? What's the best way to protect against this type of problem?
 
On my network I have setup in such a way that only ports which are open 80, 443, 22, 21 and so far no problems with this method. If needed I can open others on demand for set amount of duration.

My router is ASUS RT-AC68U if that helps.
 
@Hawk: Please consider posting a screen shot and RT-AC68U firmware version and any other info (links, etc) that you deem helpful. I have a two RT-AC68U devices:

DETAILS
=======
#1 RT-68ACU Gateway =192.168.8.1 = (Merlin Firmware)
#2 RT-68ACU R-Bridge =192.168.8.3 = RT-68ACU (DD-WRT v3.0-r27343)

GOALS
=====
Manage access to the DD-WRT repeater bridge. Specifically, implement controls at the R-Bridge:

A) No Torrenting, youtube or similar is fine
B) Administrator to control wifi access via MAC address
c) No traffic from wired-in access points traffic into R-Bridge.

These controls are important because, I want to limit which devices can access wifi AND prevent any issues.

QUESTIONS:
==========
1) Is it possible to engage DD-WRT (Device #2) to implement controls A) & B)? The goal is to have separate controls at the gateway.

2) Is it necessary / desirable / advantageous to create a separate guest wifi network and attach the device #2 to it via wifi? If yes, continue to use R-bridge mode?

3) Can wired device access be controlled at the R-Bridge via MAC address? or is there a better way?
 
I wouldnt block all p2p traffic. Skype for example uses p2p, akamai uses p2p, torrents use p2p. Even some games like GTA 5 and space engineers are p2p based.

Instead of targetting p2p traffic, target the protocol/ports instead.
 
You need to run a software UTM firewall like Untangle or Sophos UTM Essential Security Firewall. These are the free versions I can think of. There are many paid versions of UTM firewalls out there. Some very expensive.

P2P can hop on different lower ports so you will not be able to block it with a router. You need a robust firewall.
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top