how does P2P s/w s work, and how to block to them using squid
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
how does P2P s/w s work, and how to block to them using squid
hi,
we have red hat 9 server with squid as proxy and winXP clients. I would like to know how P2P s/ws like(kazza, edonkey, morpheus etc..) work and how to block these softwares. The problem we have very low bandwidth internet connection so we cannot afford to have these s/w running in the the client computers, even though i have blocked the sites where these s/ws are available, some users of the network have installed them using CDs.
so i would like to know how can i block these s/w and how they work.
These guys can be fairly hard to block since they use port-hunting techniques to find open ports that they can use. However you can make a good start by setting up a firewall and a good tool to help with this is firehol -- firehol.sourceforge.net has all the details.
The problem we have very low bandwidth internet connection so we cannot afford to have these s/w running in the the client computers
This solution mimics that of an authoritarian system of government under absolute control of a single person*:
- Have a network acceptable usage policy (don't check legal issues since you're doin things the Junta way).
- Force network users to adhere (psyops, demotion, blackmail, you name it).
- Be able to enforce it (see prev).
- Restore each users OS partition (force users to do it instead of using a nighttime cronjob).
- Deny all outbound traffic (burn Wifi AP's at the stake and flog all modems to death).
- Force all traffic through a transparent proxy using Snort-inline with the P2P rulesets before hitting Squid.
- Use traffic monitoring to spot anything suspicious.
- Regularly hold festive meetings underscoring the "freedom" your leadership brought, the need to achieve the ten year plan's "Glorious Goals", the need to combat The Enemy continuously and don't forget to end with singing the Farm anthem...
* meaning that your actions will encourage them to actively find ways to circumvent these.
I know its hard to implement but we have no other ways, with a 512 kbps shared internet connection for which a max of 10 users is the recommended we have more than 20 clients. so we have to implement measures like this.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.