How to block torrent stream in Windows Server 2008 or the DLink Router?

Hello

I have a windows network with WIndows Server 2008 and a router DLINK DSR-500

I cannot prevent users to install torrent software

i search a method to block utorrent streams

It is possible?

if yes, how i could do that?
patrocle_runAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

kulboyCommented:
Most commercial firewalls only block incoming, they allow all outgoing and that is sometimes enough to get torrents working with minimal speed.

If you need to block it, the best thing you can do is block all outgoing on the router, excluding items that are needed such as smtp, pop3, http, https.

Also, block UPnP as this dynamically allows clients to assign / make outgoing/incoming connection rules

The better sollution would be to do Deep packet inspection. The traffic has to be examined in order to block it effectively. If encryption is used, though, all bets are off.

You might try looking at Untangle. It sounds like it could do what you want.
0
Miguel Angel Perez MuñozCommented:
This is complicated question here.

With your current setup, can try create a GPO to configure your computers firewall. Then, block any program/connection not listed and configure traffic and programs that you need to access to internet. The rest (probably user installed software) will be blocked and can not access network.

Other way maybe using any kind of proxy (like squid that runs on linux) and inspect connections. Since torrent programs may run on https ports sometimes blocking traffic is not enough to stop.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
patrocle_runAuthor Commented:
I have block ALL and create rule for authorization for port TCP 80,443,110,995

Internet and mails (sending receiving) work

but i cannot ping,  ping command line does not work anymore

I have authorized port TCP and UDP for 1 and 7, but i could not ping. a website like ping 8.8.8.8

why?
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

patrocle_runAuthor Commented:
i try to add a firewall to permit ICMP Type 4 for any computer to any computer

but ping do not works also
0
Miguel Angel Perez MuñozCommented:
Did you enable echo response on ICMP protocol? Why is so important ping on your environment?
0
kulboyCommented:
Ping uses the ICMP protocol so it is not only a port setting.
0
patrocle_runAuthor Commented:
but there exists many version of ICMP. i should authorize all ICMP version?
0
patrocle_runAuthor Commented:
The solution is block all ports and open only ports needed.

Generally, it needs :

internet ( port 80,8080 HTTP) , HTTPS : port 443
ftp ( port 20,21)
mail (SMTP,POP  : port 110,25)

It needs to be ensured that all ports (used by applications that connect to internet) are opened

note : SMTP secured and POP secured use other ports
0
patrocle_runAuthor Commented:
I've requested that this question be closed as follows:

Accepted answer: 0 points for patrocle_run's comment #a41076346

for the following reason:

This is the solution, i have tested it for several days. it works, even if user install utorrent or other software, they can not use them
0
Miguel Angel Perez MuñozCommented:
Thats my solution!! create a list with required software that can access to internet and block the rest using firewall.
0
kulboyCommented:
Ok, What about my answer then? ID: 41043242
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.