Firewall Wizards mailing list archives

RE: Port numbers for Peer to Peer file sharing apps.


From: James Paterson <jpaterson () datamirror com>
Date: Fri, 22 Nov 2002 10:00:06 -0500

Does anyone have any experience with Akonix L7 (www.akonix.com) being
functional at blocking IM and P2P apps? I am about to start an eval on it
for use in my organization. 

-----Original Message-----
From: Eric Vyncke [mailto:evyncke () cisco com] 
Sent: Friday, November 22, 2002 4:56 AM
To: Mikael Olsson
Cc: Mark Whobrey; firewall-wizards () honor icsalabs com
Subject: Re: [fw-wiz] Port numbers for Peer to Peer file sharing apps.

At 10:50 22/11/2002 +0100, Mikael Olsson wrote:
> Eric Vyncke wrote:
>> If you are concerned only by the waste of bandwidth, you may want to:
>> - block all incoming TCP connections but the really needed ones
>
> Um. That doesn't work for kazaa (fasttrack), gnutella, etc.
> These apps will detect if they're firewalled, and if two peers want
> to talk to each other where one side is firewalled, the connection
> will always be initiated by the firewalled one.

Right, but my point was that those applications require at least one peer
without firewall (= accepting incoming connection). So, blocking incoming
connections will cut the bandwidth by at least 50% (as a lot of P2P users
are behind NAT or firewalls)

> (And for public networks, every port is "needed" if you ask the users.)

Agreed, you then get what you want ;-)

-eric

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards