[44714] in North American Network Operators' Group
Re: blocking peer-to-peer filesharing programs
daemon@ATHENA.MIT.EDU (Scott Francis)
Mon Dec 10 15:56:21 2001
Date: Mon, 10 Dec 2001 12:54:40 -0800
From: Scott Francis <darkuncle@darkuncle.net>
To: dani-post@roisman.com
Cc: nanog@merit.edu
Message-ID: <20011210125440.D79882@darkuncle.net>
Mail-Followup-To: Scott Francis <darkuncle@darkuncle.net>,
dani-post@roisman.com, nanog@merit.edu
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-ripemd160;
protocol="application/pgp-signature"; boundary="fXStkuK2IQBfcDe+"
Content-Disposition: inline
In-Reply-To: <20011210114833.A18202@inet1.roisman.com>
Errors-To: owner-nanog-outgoing@merit.edu
--fXStkuK2IQBfcDe+
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Mon, Dec 10, 2001 at 11:48:33AM -0800, dani-post@roisman.com said:
>=20
> I realize this may be a touchy subject. For legal purposes I'll state th=
at
> I'm making these inquiries as an academic excercize, as well as to enable=
me
> to block peer-to-peer programs on my own personal home network. The last =
thing
> I'd want to do is rob anyone of their free speech or "rights" to distribu=
te
> illegal copies of copyrighted material.
Stating that something is a touchy subject, and proceeding to troll is not
very productive (unless of course you are merely trolling ...) If you are
seeking serious technical advice, prefacing your messages with political
rhetoric is likely going to hamper your efforts.
(and on an unrelated note, 80-column format lines are a nice touch for those
of us reading mail on a CLI mail reader ... pretty much every major mail
client has an option to wrap lines at X columns these days.)
> Anyway... I'm interested in developing and studying comprehensive firewal=
l and
> content-filtering techniques for disabling peer-to-peer filesharing
> applications (e.g. those using gnutella, fasttrack, other napster-style
> directory and download engines or stacks). If anyone knows of a mailing =
list
> /user group that has similar interests, or if you have similar interests,
> please email me off-list.
If you really want to stop P2P filesharing apps, you had better be prepared
to constantly audit network traffic, and have an ever-expanding list of
blocked ports. Don't forget about the 'old skool' filesharing systems like
NFS, windows shared directories, IRC, FTP/HTTP download sites, etc. From a
technical perspective, I'm not sure there is any single network-level
characteristic that is shared by all P2P systems, and not shared by any oth=
er
systems. Communication types vary, ports vary, protocols vary ... there may=
very
well not be any single feature to look for in network traffic that will blo=
ck
all P2P traffic at this point in time.
Your best bet may just be to resign yourself to regular research, and make
sure that the ports you're blocking aren't also utilized by 'legitimate'
traffic.
I'm sure, given the variety of networks represented by this audience, there
will be someone with some solid experience in this area, as opposed to my
(admittedly) academic conjecture. Maybe I helped get the ball rolling,
though.
> Thanks all.
>=20
> - Dani
--=20
Scott Francis darkuncle@ [home:] d a r k u n c l e . n e t
UNIX | IP networks | security | sysadmin | caffeine | BOFH | general geekery
GPG public key 0xCB33CCA7 illum oportet crescere me autem minui
--fXStkuK2IQBfcDe+
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org
iQIXAwUBPBUhD4gCD7rLM8ynFAOl1QgAiwVu2aol8Lweho3cxoKehlCfwVZP2PsB
N3moSyLl4WaWC8/UXLMBPnBu4A3wvd5Bl0p3P8fgZdQlLJfvSlSvvMDZGX0QrLPC
5Au4kIIjni2rcKs4pZ7Y0NY39DGuyOc88v/Jdfb1ViebAtbRJvOLHpL0t0dHDl+l
RoZ1wyntOUdTit2pjX4av0pRI7ohthBvi71zzf/G+EbwuhBOdbV3QiDAA4SU6vO5
XI2lWKlukxwX8yGmDl5j/xDxjv3RSXECMfdBq9WQSL4vFo7AD2Z2FEV0wmFGUu4z
cdr4DwHzUqLCvo3C5SwjJwBik6xuWy4OKe3PEX6zl4pggJj5nZPrKgf+LdcXIo4Z
Nv0HjFlttWCPNZHz022t/x6t6sqysfQaEsE4Af9Ngs263oCsIKMA9hLEBofjW8sj
hWWORwZzK57ulijXULTo+Mz1ZSo0lXIUoeMSdULZI7MAcGfimbAN8X16rn6zGEaR
TUes7gpcSdgDVzRqlW58NtzmJbe1DhDP7Qm26r/sgffUejd6ba0xqPJ1k7lmUkaO
PRizIBvCfTRhZKoiOd4FJWK7MxtPn1NQDf7eiInl2bEBdCVQlBv4hHmCaExoPG4K
N7ZPaLG0nnJMQ5yQqDVc194/tqR5mSGaKOZdJkTDd8Sv3Oter/jNHkempoa2tGk3
b6/3RMtH0QxjGg==
=G4du
-----END PGP SIGNATURE-----
--fXStkuK2IQBfcDe+--
