IDS mailing list archives

RE: blocking p2p traffic

From: "James Williams" <jwilliams () mail wtamu edu>
Date: Mon, 8 Mar 2004 14:07:09 -0600

I would suggest the Allot Communications NetEnforcer. It is more expensive
than the Packeteer, but IMHO performs better then the Packeteer. Packeteer
uses a function called tcp sliding window to regulate flow control when
controling layer 7. This functionality can cause havic on a WAN thats used
for telephony and videoconferencing. Voice and data services over IP use udp
packets to help reduce some of the overhead in the network. This causes
voice and data services to be very picky and rely on very specific amounts
of bandwidth and reliable flow control. TCP sliding window breaks that
functionality. We have been using The NetEnforcer for about a year and
haven't had any problems with reliability of H.323/VoIP.

It's easy to setup and manage and works great for our environment.

Here are some links for you.

http://www.freesoft.org/CIE/Topics/7.htm
http://www.allot.com/pages/products_index.asp?intGlobalId=2
http://www.net.cmu.edu/docs/arch/qospe-public.html

James Williams
Network Systems Technician
West Texas A&M University


-----Original Message-----
From: Dean Smith [mailto:dhsmith () netscreen com]
Sent: Saturday, March 06, 2004 8:24 AM
To: focus-ids () securityfocus com
Subject: Re: blocking p2p traffic


In-Reply-To: <001301c4020f$9aecc630$0f010196@laplaboratorio>

So does the NetScreen IDP, as I work there I won't go on about it but it
works well.


Packeteer support discovery and control aplications in layer 7, include p2p
aplications.


Hemac Teleinformatica
Ing. Juan Carlos Davila Ortiz
Ingenieria
Chapultepec # 710   Col. Moderna
3616-3824 Guadalajara, Jal.
jdavila () grupohemac com mx
----- Original Message -----
From: "Deshpande, Yashodhan" <ydeshpande () ipolicynet com>
To: <focus-ids () securityfocus com>
Sent: Wednesday, March 03, 2004 6:24 PM
Subject: blocking p2p traffic

Hi,

    Any information regarding IDS/IPS software available which blocks p2p

traffic? Or in general any information regarding how to identify p2p
application is running and may be configure firewall to block such traffic.
In general it is observed that such applications do not work on = single
port and do port hopping. How to block them?


Any inputs on the same would be appreciated.


Thanks,

Yashodhan

-------------------------------------------------------------------------

Free 30-day trial: firewall with virus/spam protection, URL filtering,

VPN,

wireless security

Protect your network against hackers, viruses, spam and other risks with

Astaro

Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total

cost

of

ownership.

Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301
-------------------------------------------------------------------------



---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security

Protect your network against hackers, viruses, spam and other risks with

Astaro

Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost

of

ownership.

Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301
---------------------------------------------------------------------------


---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security

Protect your network against hackers, viruses, spam and other risks with
Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost
of
ownership.

Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301
---------------------------------------------------------------------------


---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security

Protect your network against hackers, viruses, spam and other risks with Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost of
ownership.

Download your free trial at 
http://www.securityfocus.com/sponsor/Astaro_focus-ids_040301
---------------------------------------------------------------------------

Current thread:

Re: blocking p2p traffic, (continued)
- Re: blocking p2p traffic Shaiful (Mar 08)
- Re: blocking p2p traffic Ravi (Mar 08)
- Re: blocking p2p traffic Joakim Andersson (Mar 08)
- RE: blocking p2p traffic Steve Paine (Mar 08)
- Re: blocking p2p traffic Petr Ruzicka (Mar 12)
- RE: blocking p2p traffic Gary Freeman (Mar 04)
  - RE: blocking p2p traffic josh (Mar 08)
- RE: blocking p2p traffic Zach Forsyth (Mar 08)
- Re: blocking p2p traffic Dean Smith (Mar 08)
- RE: blocking p2p traffic Vincent . Maes (Mar 08)
- RE: blocking p2p traffic James Williams (Mar 08)
  - Re: blocking p2p traffic Michael Stone (Mar 12)
- RE: blocking p2p traffic InfoSec (Mar 08)
  - Re: blocking p2p traffic Jens Matthes (Mar 12)
  - Re: blocking p2p traffic Jeff Kell (Mar 12)
- Re: blocking p2p traffic Brian Smith (Mar 15)