[geeks] P2P Monitoring / Mitigation
Patrick Giagnocavo
patrick at zill.net
Tue Mar 25 10:38:55 CDT 2008
Jochen Kunz wrote:
> On Tue, 25 Mar 2008 11:19:26 -0400
> "Bill Blum" <bill.blum at gmail.com> wrote:
>
>> Anyone have suggestions for mitigation strategies
> Block / limit bandwith for all trafic on ports commonly used by the P2P
> software?
This will not work since most P2P will use common ports such as 53 (DNS)
or 80 or 443 (HTTP and HTTPS) if other ports are blocked.
> Implement IP quota: If a student in a dorm leaches more then e.g. x MB /
> week disable the corresponding switch port / MAC address.
This is a good idea. The PFsense box can add a package that will send
NetFlow info to a remote host - doing that will give you top talkers, etc.
--Patrick
More information about the geeks
mailing list