Cogdis
join:2007-03-26
Floral Park, NY | Any way to block torrent on Actiontec? I'm getting Fios installed at my job under my name and I would like to let my coworkers use the Wifi, but I'm not sure if I can trust them not to download something that they shouldn't. Is there a way to block torrent use on the Actiontec (it's a new install so I'm guessing it will be the Rev. I). |
|
antioch
join:2007-10-06
Pomona, CA
kudos:1 | You should be a getting a Rev. I. I know its all we carry in or yard now.
You could require each device connected to be setup as static IP and set restrictions on the IP. That's the only surefire way I can think of.
You could also try to put firewall settings on high and also block the major torrent sites. If people get around that I'd assume they're masking the IP or on a private torrent site where your name won't be on the chopping block.
Also, most of the time you'll get a warning first. If that happens block all the employees after that.
--
Fiber Network Technician
Pomona, CA |
|
 fatal
join:2000-12-29
Brooklyn, NY | said by antioch:You should be a getting a Rev. I. I know its all we carry in or yard now.
You could require each device connected to be setup as static IP and set restrictions on the IP. That's the only surefire way I can think of.
You could also try to put firewall settings on high and also block the major torrent sites. If people get around that I'd assume they're masking the IP or on a private torrent site where your name won't be on the chopping block.
Also, most of the time you'll get a warning first. If that happens block all the employees after that.
lmao :-P |
|
 birdfeedrPremium,MVM
join:2001-08-11
Warwick, RI
kudos:8
1 edit | reply to Cogdis
There are several approaches:
1. Block all ports [edit](1024-65535)[/edit], then open up specific ones on request. You may want to be MAC filtering or IP filtering.
2. Use PC-based pfsense or IPCop or similar security application.
3. Allow P2P but apply QOS to throttle to unusable speeds.
4. Use the honor system and periodically monitor. Actions have consequences. Yes, sometimes co-workers need to be treated like the kids they can be.
FWIW, dd-wrt has a Block P2P protocol selection, and it also allows blocking other protocols including gaming and other productivity-busters. One checkbox for Block All P2P protocols, and 4 dropdown boxes for specific named protocols.
As fatal alluded to, a determined torrenter will find a way around your security measures.
The larger picture: if 6 strikes assumes you are responsible for your account activity and you are not given tools to control it, can VZ or other content providers reasonably expect you to control it? At some point you have to be able to use the rogue employee defense. The expense to defend is their only deterrent. A reasonable consumer-level internet subscriber has no effective tool to control unauthorized P2P activity. |
|
Cogdis
join:2007-03-26
Floral Park, NY | Thanks for the replies. I'm surprised that this is so hard to do, especially since the Actiontec has access control settings that can block just about everything else.
said by birdfeedr:1. Block all ports [edit](1024-65535)[/edit], then open up specific ones on request. You may want to be MAC filtering or IP filtering.
I think I might give this a shot and see how much it interferes with. If it's too much I was also looking at open DNS blocking P2P sites (which doesn't block the actual torrent but can at least stop them from starting new ones). Thanks again! |
|
