Re: Port numbers for Peer to Peer file sharing apps.

[Eric Vyncke <evyncke () cisco com>]

If you are concerned only by the waste of bandwidth, you may want to:
- block all incoming TCP connections but the really needed ones 
- instead of blocking port 1214, ... you may want to use QoS feature on router or ... to limit the bandwidth to a few 
kbps

The reason behind the second point is to fool the cluefull students: some traffic is going anyway, so, they will not 
try other ports but the default.

NB: I admit that this is not an absolute design ;-)

-eric

At 10:58 21/11/2002 +0100, Mikael Olsson wrote:


> Mark Whobrey wrote:
> > I am trying to find a list of ports used by the most common p2p file
> > sharing applications. 
>
> There's a fairly comprehensive list at:
> http://www.practicallynetworked.com/sharing/app_port_list.htm
>
> But, as someone else said, there's also several that will use 
> ports like 80, 21, 25, and some systems that allow changing the
> port numbers manually, which I have seen heaps of clued users
> doing (and, of course, the not-so-clued users doing a couple of
> days/weeks later).
>
> This all makes me want to start my "don't do app-specific shaping
> on public networks" rant again, but I won't. I'll just point you
> at my previous rant:
>
> http://marc.theaimsgroup.com/?l=firewall-wizards&m=103652075227472&w=2
> http://marc.theaimsgroup.com/?l=firewall-wizards&m=103659628332470&w=2
>
>
> -- 
> Mikael Olsson, Clavister AB
> Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden
> Phone: +46 (0)660 29 92 00   Mobile: +46 (0)70 26 222 05
> Fax: +46 (0)660 122 50       WWW: http://www.clavister.com
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards 

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards