Solved

how to block torrent, P2P, etc through GPO

Posted on 2013-06-27
8
4,067 Views
Last Modified: 2013-12-29
We have server 2008 r2. How do I block torrent, P2P, etc through GPO? I found an interesting tutorial, but unfortunately seems the site is down. http://www.youtube.com/watch?v=pE_0FWNYp18       

our router doesn't have the ability to do it and at this moment we are not looking to purchase web filter software or appliance like sonicwall or the barracuda... so I can only look for "free" solution.... Any advise?
0
Comment
Question by:okamon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 6

Expert Comment

by:Vijay Pratap Singh
ID: 39283317
You can try to make a rule in firewall of windows to block the port of torrent :)
0
 

Author Comment

by:okamon
ID: 39283465
it's hard. each p2p use different ports and some are random. Also why it's the rule in windows firewall? it should be created on the hardware firewall.
0
 
LVL 15

Expert Comment

by:Ian Meredith
ID: 39283484
There are a suite of open source web proxy programs for linux and windows available.

You can then block traffic (tcp ports) using this system. That is once you have added proxy redirection to all your clients via group policy.

For most legitimate traffic the ports are all below 1000, you can then safely block ports 1001-65535 which what most P2P and torrents programs use.

Hope it helps
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 39283490
For most legitimate traffic the ports are all below 1000, you can then safely block ports 1001-65535 which what most P2P and torrents programs use.

Which is fine unless you have a DNS server that uses port randomization..
Or other service(s) that users ports above the known range of 0-1024.

There is a method of using port 80 for .torrent traffic. It is much easier to make all users standard users and use a blacklist of the popular torrent software but you have to keep updating it.. for every safeguard there is a way around it for the determined.  Even deep packet inspection can be defeated by using a vpn
0
 

Author Comment

by:okamon
ID: 39302505
will the web content filter appliance help? like the one from sonicwall or barracuda?
0
 
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 39303411
yes an appliance will do the packet inspection and block the items you need.. Do users still use Kazaa / BearShare these days?
0
 
LVL 7

Accepted Solution

by:
deviprasad_s earned 450 total points
ID: 39307329
dear okaman ,

you want o block p2p,torrent ,xxx,vedios ,mp3 so on in your network ,and dont want to pay for it ,and dont want a steep learnign curve also ,and also eay to maintain once setup ..

the one that I implemented is squid 3.1 proxy server for linux ,
and I does the job perfectly ,you can customize it your organization needs .

if you plan to implement, i can post installation instructions and config files for that also .
so decide .

thanks,
s.deviprasad
0
 
LVL 1

Expert Comment

by:collinsn
ID: 39745108
Hi there s.deviprasad,

I would really appreciate if you could share this setup for me also.  I have users connecting to our VPN Server and I would then like to use squid 3.1 to block p2p,torrent,xxx,vedios, mp3 etc.

Thanks
Nev
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Liquid Web and Plesk discuss how to simplify server management with a single tool  in their webinar.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question