[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

how to block torrent, P2P, etc through GPO

Posted on 2013-06-27
8
Medium Priority
?
4,229 Views
Last Modified: 2013-12-29
We have server 2008 r2. How do I block torrent, P2P, etc through GPO? I found an interesting tutorial, but unfortunately seems the site is down. http://www.youtube.com/watch?v=pE_0FWNYp18       

our router doesn't have the ability to do it and at this moment we are not looking to purchase web filter software or appliance like sonicwall or the barracuda... so I can only look for "free" solution.... Any advise?
0
Comment
Question by:okamon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 6

Expert Comment

by:Vijay Pratap Singh
ID: 39283317
You can try to make a rule in firewall of windows to block the port of torrent :)
0
 

Author Comment

by:okamon
ID: 39283465
it's hard. each p2p use different ports and some are random. Also why it's the rule in windows firewall? it should be created on the hardware firewall.
0
 
LVL 15

Expert Comment

by:Ian Meredith
ID: 39283484
There are a suite of open source web proxy programs for linux and windows available.

You can then block traffic (tcp ports) using this system. That is once you have added proxy redirection to all your clients via group policy.

For most legitimate traffic the ports are all below 1000, you can then safely block ports 1001-65535 which what most P2P and torrents programs use.

Hope it helps
0
Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

 
LVL 83

Expert Comment

by:David Johnson, CD, MVP
ID: 39283490
For most legitimate traffic the ports are all below 1000, you can then safely block ports 1001-65535 which what most P2P and torrents programs use.

Which is fine unless you have a DNS server that uses port randomization..
Or other service(s) that users ports above the known range of 0-1024.

There is a method of using port 80 for .torrent traffic. It is much easier to make all users standard users and use a blacklist of the popular torrent software but you have to keep updating it.. for every safeguard there is a way around it for the determined.  Even deep packet inspection can be defeated by using a vpn
0
 

Author Comment

by:okamon
ID: 39302505
will the web content filter appliance help? like the one from sonicwall or barracuda?
0
 
LVL 83

Expert Comment

by:David Johnson, CD, MVP
ID: 39303411
yes an appliance will do the packet inspection and block the items you need.. Do users still use Kazaa / BearShare these days?
0
 
LVL 7

Accepted Solution

by:
deviprasad_s earned 900 total points
ID: 39307329
dear okaman ,

you want o block p2p,torrent ,xxx,vedios ,mp3 so on in your network ,and dont want to pay for it ,and dont want a steep learnign curve also ,and also eay to maintain once setup ..

the one that I implemented is squid 3.1 proxy server for linux ,
and I does the job perfectly ,you can customize it your organization needs .

if you plan to implement, i can post installation instructions and config files for that also .
so decide .

thanks,
s.deviprasad
0
 
LVL 1

Expert Comment

by:collinsn
ID: 39745108
Hi there s.deviprasad,

I would really appreciate if you could share this setup for me also.  I have users connecting to our VPN Server and I would then like to use squid 3.1 to block p2p,torrent,xxx,vedios, mp3 etc.

Thanks
Nev
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

With the evolution of technology, we have finally reached a point where it is possible to have home automation features like having your thermostat turn up and door lock itself when you leave, as well as a complete home security system. This is a st…
A new hacking trick has emerged leveraging your own helpdesk or support ticketing tools as an easy way to distribute malware.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question