- Posts: 2
- Thank you received: 0
Blocking Ares Galaxy
18 years 5 months ago #15213
by logikal
Blocking Ares Galaxy was created by logikal
Does anyone know what would be the most efficient way of blocking Ares connections on my firewall appliance? Seems like it's connecting to random hosts on many random ports and newer versions does "nat-punching". I am not too familiar with this P2P client, can anyone give me some insight? Thanks
18 years 5 months ago #15215
by nske
Replied by nske on topic Re: Blocking Ares Galaxy
You do not mention what is your firewall appliance, however if that's not an issue,
IPP2P
extension for IPtables works for blocking.
18 years 5 months ago #15228
by logikal
Replied by logikal on topic Re: Blocking Ares Galaxy
thanks for the reply I will check it out but I doubt I will be able to implement it on my current firewalls. the applianced I was referring to is a proventia m30 and a sofaware appliance using checkpoint fw.
18 years 5 months ago #15239
by nske
Replied by nske on topic Re: Blocking Ares Galaxy
Unfortunatelly it's very difficult to detect any p2p traffic judging only from Network/Transport protocol headers -so it's not possible to configure conventional layer 3 - 4 firewalls for that purpose. Perhaps it's easier to match and allow everything you want, and use a default deny policy;
An other thing that could work, is to use traffic shaping on connections initiated at the default ports of Ares (most likely there are some default ports that initially attempts to use) limiting the available bandwidth for these to a pathetic 0.5 K/S or so, so that ARES (or any p2p) manages to connect, but not much else.
An other thing that could work, is to use traffic shaping on connections initiated at the default ports of Ares (most likely there are some default ports that initially attempts to use) limiting the available bandwidth for these to a pathetic 0.5 K/S or so, so that ARES (or any p2p) manages to connect, but not much else.
Time to create page: 0.120 seconds