?
Solved

how to block torrent, P2P, etc through GPO

Posted on 2013-06-27
8
Medium Priority
?
4,165 Views
Last Modified: 2013-12-29
We have server 2008 r2. How do I block torrent, P2P, etc through GPO? I found an interesting tutorial, but unfortunately seems the site is down. http://www.youtube.com/watch?v=pE_0FWNYp18       

our router doesn't have the ability to do it and at this moment we are not looking to purchase web filter software or appliance like sonicwall or the barracuda... so I can only look for "free" solution.... Any advise?
0
Comment
Question by:okamon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 6

Expert Comment

by:Vijay Pratap Singh
ID: 39283317
You can try to make a rule in firewall of windows to block the port of torrent :)
0
 

Author Comment

by:okamon
ID: 39283465
it's hard. each p2p use different ports and some are random. Also why it's the rule in windows firewall? it should be created on the hardware firewall.
0
 
LVL 15

Expert Comment

by:Ian Meredith
ID: 39283484
There are a suite of open source web proxy programs for linux and windows available.

You can then block traffic (tcp ports) using this system. That is once you have added proxy redirection to all your clients via group policy.

For most legitimate traffic the ports are all below 1000, you can then safely block ports 1001-65535 which what most P2P and torrents programs use.

Hope it helps
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 
LVL 82

Expert Comment

by:David Johnson, CD, MVP
ID: 39283490
For most legitimate traffic the ports are all below 1000, you can then safely block ports 1001-65535 which what most P2P and torrents programs use.

Which is fine unless you have a DNS server that uses port randomization..
Or other service(s) that users ports above the known range of 0-1024.

There is a method of using port 80 for .torrent traffic. It is much easier to make all users standard users and use a blacklist of the popular torrent software but you have to keep updating it.. for every safeguard there is a way around it for the determined.  Even deep packet inspection can be defeated by using a vpn
0
 

Author Comment

by:okamon
ID: 39302505
will the web content filter appliance help? like the one from sonicwall or barracuda?
0
 
LVL 82

Expert Comment

by:David Johnson, CD, MVP
ID: 39303411
yes an appliance will do the packet inspection and block the items you need.. Do users still use Kazaa / BearShare these days?
0
 
LVL 7

Accepted Solution

by:
deviprasad_s earned 900 total points
ID: 39307329
dear okaman ,

you want o block p2p,torrent ,xxx,vedios ,mp3 so on in your network ,and dont want to pay for it ,and dont want a steep learnign curve also ,and also eay to maintain once setup ..

the one that I implemented is squid 3.1 proxy server for linux ,
and I does the job perfectly ,you can customize it your organization needs .

if you plan to implement, i can post installation instructions and config files for that also .
so decide .

thanks,
s.deviprasad
0
 
LVL 1

Expert Comment

by:collinsn
ID: 39745108
Hi there s.deviprasad,

I would really appreciate if you could share this setup for me also.  I have users connecting to our VPN Server and I would then like to use squid 3.1 to block p2p,torrent,xxx,vedios, mp3 etc.

Thanks
Nev
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting to know the threat landscape in which DDoS has evolved, and making the right choice to get ourselves geared up to defend against  DDoS attacks effectively. Get the necessary preparation works done and focus on Doing the First Things Right.
Check out the latest tech news, community articles, and expert highlights in August's newsletter.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Suggested Courses
Course of the Month11 days, 11 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question