• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 783
  • Last Modified:

File Sharing and P2P Ports

Does anyone have a list of them? I would like to block them. Thanks
0
drgh0st
Asked:
drgh0st
1 Solution
 
rj-smithCommented:
No list, but I think each P2P network uses a different port.

The ones I do know are as follows:

GNUtella - 6346 to 6348
KaZaA - 1214

If your firewall's capable, it might be a better idea to log all traffic for a while to see what's used and then block everything else. After that, analyse your list and see what else can be discarded.

Hope that helps.
0
 
chicagoanCommented:
It's a slippery slope!

If you have cisco gear, take a look at NBAR

otherwise you'll have to work you way through each service:

example: kaaza - reverse ip lookup gives you kaaza's addresses: Start with blocking 212.100.253.45 212.100.253.44 and find the common commonlly used port(s):  http://www.seifried.org/security/ports/1000/1214.html

here's a commonly used list:
 412
1214
4661
 4662
4663
 4664
 4665
 6346
 6347
 6881
 6882
6883
 6884
 6885
6886

.. easily be defeated by people switching to non-default ports or UDP based protocols, some like WINMX don't need the ports open on both sides, some hide as http...

The first thing to do is WRITE A POLICY! advertise your policy, watch your bandwidth hogs, scan for Mp3's and P2P software on machines, do port scans for rogue servers... and hammer a couple of people - get HR to get them on the carpet - the word will get out.

There are a lot of products coming on line to combat the legal implications and bandwidth drain like
http://www.lowth.com/p2pwall/ftwall/

and scores of others, but watching traffic and communicating with employees is very effective
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now