Solved

how to block torrent, P2P, etc through GPO

Posted on 2013-06-27
8
4,025 Views
Last Modified: 2013-12-29
We have server 2008 r2. How do I block torrent, P2P, etc through GPO? I found an interesting tutorial, but unfortunately seems the site is down. http://www.youtube.com/watch?v=pE_0FWNYp18       

our router doesn't have the ability to do it and at this moment we are not looking to purchase web filter software or appliance like sonicwall or the barracuda... so I can only look for "free" solution.... Any advise?
0
Comment
Question by:okamon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 6

Expert Comment

by:Vijay Pratap Singh
ID: 39283317
You can try to make a rule in firewall of windows to block the port of torrent :)
0
 

Author Comment

by:okamon
ID: 39283465
it's hard. each p2p use different ports and some are random. Also why it's the rule in windows firewall? it should be created on the hardware firewall.
0
 
LVL 15

Expert Comment

by:Ian Meredith
ID: 39283484
There are a suite of open source web proxy programs for linux and windows available.

You can then block traffic (tcp ports) using this system. That is once you have added proxy redirection to all your clients via group policy.

For most legitimate traffic the ports are all below 1000, you can then safely block ports 1001-65535 which what most P2P and torrents programs use.

Hope it helps
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 39283490
For most legitimate traffic the ports are all below 1000, you can then safely block ports 1001-65535 which what most P2P and torrents programs use.

Which is fine unless you have a DNS server that uses port randomization..
Or other service(s) that users ports above the known range of 0-1024.

There is a method of using port 80 for .torrent traffic. It is much easier to make all users standard users and use a blacklist of the popular torrent software but you have to keep updating it.. for every safeguard there is a way around it for the determined.  Even deep packet inspection can be defeated by using a vpn
0
 

Author Comment

by:okamon
ID: 39302505
will the web content filter appliance help? like the one from sonicwall or barracuda?
0
 
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 39303411
yes an appliance will do the packet inspection and block the items you need.. Do users still use Kazaa / BearShare these days?
0
 
LVL 7

Accepted Solution

by:
deviprasad_s earned 450 total points
ID: 39307329
dear okaman ,

you want o block p2p,torrent ,xxx,vedios ,mp3 so on in your network ,and dont want to pay for it ,and dont want a steep learnign curve also ,and also eay to maintain once setup ..

the one that I implemented is squid 3.1 proxy server for linux ,
and I does the job perfectly ,you can customize it your organization needs .

if you plan to implement, i can post installation instructions and config files for that also .
so decide .

thanks,
s.deviprasad
0
 
LVL 1

Expert Comment

by:collinsn
ID: 39745108
Hi there s.deviprasad,

I would really appreciate if you could share this setup for me also.  I have users connecting to our VPN Server and I would then like to use squid 3.1 to block p2p,torrent,xxx,vedios, mp3 etc.

Thanks
Nev
0

Featured Post

SendBlaster Pro 4 - Bulk Email Sending Software

SendBlaster 4 Pro - Best Bulk Emailing Sending Software
Automatic Subscribe / Unsubscribe Processing
Great for Newsletters & Mass Mailings
Optional HTML & Text Composition
Integration with Google Features
Built in Spam Score Checking
Free Professional Templates - Feature Packed!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question