RE: [fw-wiz] Port numbers for Peer to Peer file sharing apps.

From: James Paterson (jpaterson@datamirror.com)
Date: 11/22/02


From: James Paterson <jpaterson@datamirror.com>
To: firewall-wizards@honor.icsalabs.com
Date: Fri Nov 22 13:24:01 2002

Does anyone have any experience with Akonix L7 (www.akonix.com) being
functional at blocking IM and P2P apps? I am about to start an eval on it
for use in my organization.

-----Original Message-----
From: Eric Vyncke [mailto:evyncke@cisco.com]
Sent: Friday, November 22, 2002 4:56 AM
To: Mikael Olsson
Cc: Mark Whobrey; firewall-wizards@honor.icsalabs.com
Subject: Re: [fw-wiz] Port numbers for Peer to Peer file sharing apps.

At 10:50 22/11/2002 +0100, Mikael Olsson wrote:

>Eric Vyncke wrote:
>>
>> If you are concerned only by the waste of bandwidth, you may want to:
>> - block all incoming TCP connections but the really needed ones
>
>Um. That doesn't work for kazaa (fasttrack), gnutella, etc.
>These apps will detect if they're firewalled, and if two peers want
>to talk to each other where one side is firewalled, the connection
>will always be initiated by the firewalled one.

Right, but my point was that those applications require at least one peer
without a firewall (= accepting incoming connections). So, blocking incoming
connections will cut the bandwidth by at least 50% (as a lot of P2P users
are behind NAT or firewalls).

>(And for public networks, every port is "needed" if you ask the users.)

Agreed, you then get what you want ;-)

-eric
