![]() ![]() Sophos and Untangle both use IPS, HTTP proxy to block sites, and some application detection. The UTMs combine a bunch of tools to do exactly that. Now if you have to guarantee Torrenting is blocked, you would need something that can do Deep Packet Inspection, which probably means an expensive appliance from one of the big buys like Fortinet or Watchguard. You could do this easily on a $99 Ubiquiti EdgeRouter Lite. Now the random over 10000 ports that BitTorrent commonly uses doesn't connect.īut the smart torrenter knows you can just change the port in their client to use port 80 and they're back out. Then we monitor traffic for a week or so and find what other ports are commonly attempted to be used, such as Apple iTunes ports. So for example, at a coffee shop, we allow out ports 80 (http), 443 (https), 22 (ssh), 143 (imap), 25 (smtp), 110 (pop3), and 53 (dns). In the firewall only allow some outbound ports and monitor your traffic logs to find other ports that may be needed. In OpenDNS you can block the P2P/Torrent category to stop new traffic and file downloads. But what we've done for our customers who have public wireless systems or employees with torrent problems, we lock down outbound ports and use OpenDNS. Blocking Torrents is much more difficult than you may realize, or much easier than I realize and someone already has a solution. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |