Blocking Ares Galaxy

Does anyone know what would be the most efficient way of blocking Ares connections on my firewall appliance? Seems like it's connecting to random hosts on many random ports and newer versions does "nat-punching". I am not too familiar with this P2P client, can anyone give me some insight? Thanks

You do not mention what is your firewall appliance, however if that's not an issue, IPP2P extension for IPtables works for blocking.

thanks for the reply I will check it out but I doubt I will be able to implement it on my current firewalls. the applianced I was referring to is a proventia m30 and a sofaware appliance using checkpoint fw.

Unfortunatelly it's very difficult to detect any p2p traffic judging only from Network/Transport protocol headers -so it's not possible to configure conventional layer 3 - 4 firewalls for that purpose. Perhaps it's easier to match and allow everything you want, and use a default deny policy;

An other thing that could work, is to use traffic shaping on connections initiated at the default ports of Ares (most likely there are some default ports that initially attempts to use) limiting the available bandwidth for these to a pathetic 0.5 K/S or so, so that ARES (or any p2p) manages to connect, but not much else.