Solved

File Sharing and P2P Ports

Posted on 2003-11-14
4
771 Views
Last Modified: 2013-11-21
Does anyone have a list of them? I would like to block them. Thanks
0
Comment
Question by:drgh0st
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 6

Expert Comment

by:rj-smith
ID: 9749345
No list, but I think each P2P network uses a different port.

The ones I do know are as follows:

GNUtella - 6346 to 6348
KaZaA - 1214

If your firewall's capable, it might be a better idea to log all traffic for a while to see what's used and then block everything else. After that, analyse your list and see what else can be discarded.

Hope that helps.
0
 
LVL 18

Accepted Solution

by:
chicagoan earned 25 total points
ID: 9749497
It's a slippery slope!

If you have cisco gear, take a look at NBAR

otherwise you'll have to work you way through each service:

example: kaaza - reverse ip lookup gives you kaaza's addresses: Start with blocking 212.100.253.45 212.100.253.44 and find the common commonlly used port(s):  http://www.seifried.org/security/ports/1000/1214.html

here's a commonly used list:
 412
1214
4661
 4662
4663
 4664
 4665
 6346
 6347
 6881
 6882
6883
 6884
 6885
6886

.. easily be defeated by people switching to non-default ports or UDP based protocols, some like WINMX don't need the ports open on both sides, some hide as http...

The first thing to do is WRITE A POLICY! advertise your policy, watch your bandwidth hogs, scan for Mp3's and P2P software on machines, do port scans for rogue servers... and hammer a couple of people - get HR to get them on the carpet - the word will get out.

There are a lot of products coming on line to combat the legal implications and bandwidth drain like
http://www.lowth.com/p2pwall/ftwall/

and scores of others, but watching traffic and communicating with employees is very effective
0

Featured Post

Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question