blocking peer-to-peer filesharing programs
I realize this may be a touchy subject. For legal purposes I'll state that I'm making these inquiries as an academic exercise, as well as to enable me to block peer-to-peer programs on my own personal home network. The last thing I'd want to do is rob anyone of their free speech or "rights" to distribute illegal copies of copyrighted material.

Anyway... I'm interested in developing and studying comprehensive firewall and content-filtering techniques for disabling peer-to-peer filesharing applications (e.g. those using gnutella, fasttrack, other napster-style directory and download engines or stacks). If anyone knows of a mailing list / user group that has similar interests, or if you have similar interests, please email me off-list.

Thanks all.
- Dani
On Mon, 10 Dec 2001 dani-post@roisman.com wrote:
I realize this may be a touchy subject. For legal purposes I'll state that I'm making these inquiries as an academic exercise, as well as to enable me to block peer-to-peer programs on my own personal home network. The last thing I'd want to do is rob anyone of their free speech or "rights" to distribute illegal copies of copyrighted material.
Anyway... I'm interested in developing and studying comprehensive firewall and content-filtering techniques for disabling peer-to-peer filesharing applications (e.g. those using gnutella, fasttrack, other napster-style directory and download engines or stacks). If anyone knows of a mailing list / user group that has similar interests, or if you have similar interests, please email me off-list.
Since ports and apps are always changing, you would probably have to use a mixture of ports and layer-7 information. Perhaps using some sort of content switch or finding people who do is the answer. For your "home network", may I suggest that you just turn off all the ports, except for the obvious ones, and then be available to field complaints (from your children presumably) for other application specific ports that are justifiable for your network. I think you will find the list of "legitimate" ports to be much shorter than the alternative.

andy

--
PGP Key Available at http://www.tigerteam.net/andy/pgp
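The default-deny approach suggested in the reply above, sketched as an nftables ruleset for a home router. This is an added example and not part of the original message; the interface names `lan0` and `wan0` and the allowed port lists are assumptions to adapt. As the reply notes, port rules alone do not identify an application that moves onto an allowed port, which is where layer-7 inspection comes in.

```nftables
# Added example: default-deny egress for a home router.
# Assumptions: LAN interface is lan0, uplink is wan0, and the
# port sets below are the "obvious" services for this household.
table inet home_egress {
    set allowed_tcp {
        type inet_service
        # SSH, SMTP, HTTP, POP3, IMAP, HTTPS
        elements = { 22, 25, 80, 110, 143, 443 }
    }

    set allowed_udp {
        type inet_service
        # DNS, NTP
        elements = { 53, 123 }
    }

    chain forward {
        # Anything not explicitly accepted below is dropped.
        type filter hook forward priority 0; policy drop;

        # Return traffic for connections the LAN opened.
        ct state established,related accept
        ct state invalid drop

        # Outbound services on the allowlist.
        iifname "lan0" oifname "wan0" tcp dport @allowed_tcp accept
        iifname "lan0" oifname "wan0" udp dport @allowed_udp accept
        iifname "lan0" oifname "wan0" icmp type echo-request accept

        # Log a sample of denied attempts so a request to open a
        # port can be checked against what was actually blocked.
        iifname "lan0" oifname "wan0" limit rate 10/minute log prefix "egress-denied: "

        # Reject rather than silently drop, so LAN clients fail fast.
        iifname "lan0" oifname "wan0" counter reject with icmpx type admin-prohibited
    }
}
```

Adding a port after a justified request is a one-element change to the relevant set, and the `egress-denied:` log lines show which destination ports were being refused.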
On Mon, Dec 10, 2001 at 11:48:33AM -0800, dani-post@roisman.com said:
I realize this may be a touchy subject. For legal purposes I'll state that I'm making these inquiries as an academic exercise, as well as to enable me to block peer-to-peer programs on my own personal home network. The last thing I'd want to do is rob anyone of their free speech or "rights" to distribute illegal copies of copyrighted material.
Stating that something is a touchy subject, and proceeding to troll is not very productive (unless of course you are merely trolling ...) If you are seeking serious technical advice, prefacing your messages with political rhetoric is likely going to hamper your efforts. (and on an unrelated note, 80-column format lines are a nice touch for those of us reading mail on a CLI mail reader ... pretty much every major mail client has an option to wrap lines at X columns these days.)
Anyway... I'm interested in developing and studying comprehensive firewall and content-filtering techniques for disabling peer-to-peer filesharing applications (e.g. those using gnutella, fasttrack, other napster-style directory and download engines or stacks). If anyone knows of a mailing list / user group that has similar interests, or if you have similar interests, please email me off-list.
If you really want to stop P2P filesharing apps, you had better be prepared to constantly audit network traffic, and have an ever-expanding list of blocked ports. Don't forget about the 'old skool' filesharing systems like NFS, windows shared directories, IRC, FTP/HTTP download sites, etc. From a technical perspective, I'm not sure there is any single network-level characteristic that is shared by all P2P systems, and not shared by any other systems. Communication types vary, ports vary, protocols vary ... there may very well not be any single feature to look for in network traffic that will block all P2P traffic at this point in time. Your best bet may just be to resign yourself to regular research, and make sure that the ports you're blocking aren't also utilized by 'legitimate' traffic. I'm sure, given the variety of networks represented by this audience, there will be someone with some solid experience in this area, as opposed to my (admittedly) academic conjecture. Maybe I helped get the ball rolling, though.
Thanks all.
- Dani
--
Scott Francis darkuncle@ [home:] d a r k u n c l e . n e t
UNIX | IP networks | security | sysadmin | caffeine | BOFH | general geekery
GPG public key 0xCB33CCA7
illum oportet crescere me autem minui
--On Monday, December 10, 2001 11:48 AM -0800 dani-post@roisman.com wrote:
I realize this may be a touchy subject. For legal purposes I'll state
Nice try, but NS2.SONYONLINE.NET is a dead giveaway (whois roisman.com). Maybe you'd have better luck trolling on Slashdot?
that I'm making these inquiries as an academic exercise, as well as to enable me to block peer-to-peer programs on my own personal home network.
Your home at 3960 Ince Blvd, Culver City? How long have you been making your home at an industrial park? Do the movie studios across the street ever cause you any disturbance?
The last thing I'd want to do is rob anyone of their free speech or "rights" to distribute illegal copies of copyrighted material.
What about distributing legal copies of copyrighted material? Surely the copies I buy, whether I later distribute them illegally or not, are themselves legal copies. Or have I caught you in a Freudian slip of sorts?
Anyway... I'm interested in developing and studying comprehensive firewall and content-filtering techniques for disabling peer-to-peer filesharing applications (e.g. those using gnutella, fasttrack, other napster-style directory and download engines or stacks). If anyone knows
It's called a plug. You pull it out, the power goes off. No more P2P file sharing. Oh, you want the Internet to continue to operate. I see. Well, at least your choices are now clearly delineated. Have a nice day.
of a mailing list / user group that has similar interests, or if you have similar interests, please email me off-list.
Thanks all.
- Dani
--- "The avalanche has already begun. It is too late for the pebbles to vote." -- Kosh
participants (4)
- Andy Walden
- dani-post@roisman.com
- Mike Batchelor
- Scott Francis