Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
06-22-2007, 06:34 PM
|
#1
|
|
Member
Registered: Sep 2005
Distribution: feather 0.72-usb, DSL,CentOS,Ubuntu, Redhat 9
Posts: 144
Rep: 
|
2p2 killing me again
hello friends,
i have successfully blocked a good number of peer 2 peer protocols such as gnutella, fasttrack,edonkey using an iptables modules called rope. but the problem now is i suddenly discovered this new p2p called ARES. i really want to block this thing from consuming my entire bandwidth. but unfortunately rope does not have a script for this ARES. can any one assist on what step to take.
Thanks in Advance.
|
|
|
|
|
06-22-2007, 07:09 PM
|
#2
|
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Maybe look into the IPP2P project. Their website lists Ares as one of the P2P networks which their iptables module can match.
Last edited by win32sux; 06-22-2007 at 07:25 PM.
|
|
|
|
|
06-23-2007, 03:16 AM
|
#3
|
|
LQ Newbie
Registered: Jun 2007
Posts: 2
Rep: 
|
Try with l7 netfilter patch
|
|
|
|
|
06-23-2007, 10:13 AM
|
#4
|
|
Member
Registered: Sep 2005
Distribution: feather 0.72-usb, DSL,CentOS,Ubuntu, Redhat 9
Posts: 144
Original Poster
Rep:
|
Thanks guys for the quick response, ipp2p does a very good work but still not blocking this particular variant of Ares called Ares regular. pls let me know if there is another option.
Thnaks
|
|
|
|
|
06-24-2007, 06:45 AM
|
#5
|
|
Member
Registered: Jun 2003
Location: UK
Distribution: Devuan Beowulf
Posts: 514
Rep:
|
Close all ports and force web traffic via a proxy like squid.
As i remember even Ares needs a port open to function properly. If you lock down all ports, then force everything through squid, you can tailor exactly what gets access, and also weight things, so perceived p2p traffic gets a hellishly low priority, while http(s) gets a higher priority, etc.
Guides on how to do this exist and can be found via the usual routes (google, etc).
Also maybe look into dansguardian and moblock.
|
|
|
|
|
06-24-2007, 10:18 AM
|
#6
|
|
Member
Registered: Sep 2005
Distribution: feather 0.72-usb, DSL,CentOS,Ubuntu, Redhat 9
Posts: 144
Original Poster
Rep:
|
thanks v00d00101,
could u give me a hint on how i could use squid to attain this after blocking all ports.
Thnaks
|
|
|
|
|
06-24-2007, 05:18 PM
|
#7
|
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Quote:
|
Originally Posted by yawe_frek
ipp2p does a very good work but still not blocking this particular variant of Ares called Ares regular.
|
Does it say that on the website or did you try it yourself? BTW, if the ipp2p people have a mailing list it might be a good idea to ask about this there.
Quote:
|
Originally Posted by yawe_frek
could u give me a hint on how i could use squid to attain this after blocking all ports.
|
What you will be able do with Squid is gonna be very limited IMHO (unless Ares has no proxy compatibility at all). If you wish to go the proxy route, I'd say your best bet would be an application-layer proxy. A lot of people like Zorp.
Last edited by win32sux; 06-24-2007 at 05:21 PM.
|
|
|
|
All times are GMT -5. The time now is 03:31 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
