blocking p2p sharing software either in router or windows 2003 GPO?

Anyone know of how to do this?

From what I'm seeing, the ports change very frequently, making it hard

to block via the router/firewall..

Any thoughts on this or via GPO?

Thanks

Reply to
markm75
Loading thread data ...

Use Software Restriction Policies to prevent the software from being run in the first place.

cu

59cobalt
Reply to
Ansgar -59cobalt- Wiechers

  1. I would turn off UPnP support on a router and protect it with a password. (No port forwarding)
  2. I would uninstall p2p software from computers and setup limited accounts, admin would be me only. (No software installation).
Reply to
alf

You don't need admin rights to install P2P software. In fact, even most commercial software only requires admin rights due to stupid installers, whereas porting the installed files and some registry to another computer without admin rights works fine as well.

Reply to
Sebastian G.

What you talking about is true, but if markm75 deals with users capable to do that (this is high above Joe Avaerage), then he have a serious problem with no easy solution. I wouldn't even try any of "computer protection". I would employ some other type of protection: law, force, whatever.

Reply to
alf

Why exactly is unpacking emule0.47c.bin.zip into a directory and then launching it above a typical user? Why exactly is getting told by Jane Clever "hey, just unzip this archive and you can run LimeWire without installation" above understanding?

Nonsense. There is a very easy solution: globally remove execute rights and only explicitly grant it to required applications. On Windows this is called "Software Restriction Policies".

Lawful protection could never be anything but supplemental.

Reply to
Sebastian G.

In a case of LimeWire it might be true. But generally, transfering some software package from one computer to another without installation is a task above Joe Average capacibilities.

User capable of analysing installation logs and who are familiar with computers enought to transfer MS Office from one computer to another will find a way how to crack admin password and reconfigure that policy.

Reply to
alf

As I wrote: Jane Clever can prepare this task. Joe Average will just have to run a script, and there you go.

MS Office doesn't run without administrative installation.

A strange assumption, especially since they can't run any of the exploits and have to resort to what the system offers.

Reply to
Sebastian G.

Than you have to protect yourself from Jane Clever, Joe Average in this case is only a keyboard button Jane Clever is pressing. You dont have Joe Average in front of computer but Jane Clever. Joe Average alone is not capable to do that.

Not important, can be some other software package, that is irrelevant. Whatever package you take as example is above Joe Avarage capacibilities.

Live Linux.

Reply to
alf

Does anyone know what tool or how I could sniff our outgoing/incoming internet traffic to even determine if our bandwidth drops are due to p2p software?

I do have the network monitor tool installed on an SMS server which can search for any traffic on the whole network.

For now I may try the software restrictions in P2p.. so at least then I can control who can run it and who cant, though most of our users are admins on their local boxes here and this isn't likely to change for various reasons.

Reply to
markm75

Once again: You have Joe Average sitting on the computer doing what Jane Clever told him, or wrote him up in a script. That's why your notion "Joe Average alone is not capable to do that" is absolutely worthless in practice.

Once again:

- Jane Clever can prepare the task. Joe Average has nothing to do but simply start a script.

- Many software packages install quite well without admin rights.

Oh, and how do you change the boot priority without the BIOS password?

Reply to
Sebastian G.

Sebastian G. wrote: ...

Who put the password, I cannot find that in a thread, there were uPnP off, Limited account and software restriction policy.

You are adding new security meassuers, so now I will quote myself.

i.e. more security meassures have to be involved, you pointed one, that is enought to prove statement.

EOD

Reply to
alf

Eh... using a limited account obviously implies setting a password for the admin account.

easy solution.

Well, except that stuff like disabling uPnP becomes superfluos then (it's still a good idea). And, even further, doing such few things definitely accounts as an easy solution.

Reply to
Sebastian G.

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.