Blocking Peer to Peer via a router.

[Mister Dobbo]

Not sure if it should be in hardware or software section, but here goes.

I let my neighbour use my ISP connection via my wireless network (WPA-PSK'ed) but I'm worried they might use P2P file sharing and want to block this. I have a Netgear DG834g router and can do some filtering in it. If I block all ports except port 80 and maybe SSL and POP would this stop P2P? Or does P2P software just keep looking for an open port?

I know some will say just cut them off but we get on well and I dont have a problem with bandwidth, I dont thin he uses P2P but his kids may

Hope this makes sense an tips would be useful.

 

[Ricardus]

Most P2P apps use a set port number, although I know at least two with settings to randomise what port they use to defeat ISPs who throttle P2P traffic.
Wikipedia has a list of commonly used ports to begin with.

 

[Gees]

Dobbo.... can I come and live next door to you as well. It would save a fortune in Broadband costs.. I promise I wont download any "IFFY" stuff Honest....

 

[SeanT]

What ISP are you with? It might not be an issue if you're with the right ones! Be nice to get him to get broadband too, and then get a dual WAN router and join the two connections together - that way you can both use each others (faster in many circumstances)

 

[armbase]

Not sure if it should be in hardware or software section, but here goes.

I let my neighbour use my ISP connection via my wireless network (WPA-PSK'ed) but I'm worried they might use P2P file sharing and want to block this. I have a Netgear DG834g router and can do some filtering in it. If I block all ports except port 80 and maybe SSL and POP would this stop P2P? Or does P2P software just keep looking for an open port?

I know some will say just cut them off but we get on well and I dont have a problem with bandwidth, I dont thin he uses P2P but his kids may

Hope this makes sense an tips would be useful.

Jeeeeeeeesssssssssssss..........

Right now you should change your WPA PSK.

The neighbour could be downloading flippin kiddy porn and guess what..... you would be guilty. Try telling this to the Police. "Honest it was my neighbour using my wifi".

Officer says Neighbour doesn't have a computer. (he saw the Police and ran out to get rid of it before he was caught). I'm sorry sir it came to your IP address. We are going to have to get a team in and remove all your computers from your house while your other neighbours are watching.

I don't want to sound harsh but you are completely off your head to allow anyone to use your internet.

Tell them to get a Mobile dongle from "3" and surf without a phone.

All the best
Bob

 

[Mister Dobbo]

I hear what you are saying armbase but I know my neighbour well and they're sound, they're not there very often as it's a holiday cottage and just use a laptop when they come up at weekends.

I probably will change the key soon as I need the connection for work and with ISP's getting pressure to cut of users of P2P I can't risk it.

Thanks for all the replies.

 

[canyouhelpmeplease]

[/quote]

I don't want to sound harsh but you are completely off your head to allow anyone to use your internet.

Come on thats a bit steep !. If person a did download such material that a simple check on the PC would prove no such activity on your PC and the fact that you have wep security reduced/limits who can access your network to download such filth !, so if they did come to your home you soon will be 1 neighbour short, in fact based on recent tv programs there is much monitoring that goes on 1st as there is unfortunatly often more than just .... anyway I dont want to go there. panic not ....

 

[Mister Dobbo]

I've moved my DNS to OpenDNS now via the router config, amazing power to control your connection filtering and to see whats going on. Anyone with kids should also look into it

 

[^woody^]

I don't want to sound harsh but you are completely off your head to allow anyone to use your internet.

[/quote]

Isn't that what is wrong with us today? No sharing, no community spirit, in all a bit selfish?

What is the problem with sharing the connection with a neighbour or friend?

What happens when the OP 'shares' his connection with his wife/partner other family members?

BT is proposing exactly the same thing with a nationwide wifi-sharing program

Anyway. Each p2p program uses its own default ports, so you would have to find out what ones are used and block these.

 

[MarkBarl]

Leaving the security issue aside (Who you let use your connection is your business) Blocking peer to peer is not as easy as it sounds. It is not a case of just blocking certain ports. most peer to peer connections will resort to using port 80 if they have to. The only real way to block it is to proxy the traffic and have the traffic looked at more closely. Having said that, I see 2 ways to go. Firstly, as you say you are on good terms with them and trust them, have a chat and tell them that you don't want p2p stuff going over your connection. The other way is to buy or build a router with traffic shaping in. You let the P2P through but throttle the bandwidth for it so it won't swamp your bandwidth.

The last option would also give you the ability to control the bandwidth to give you priority. If you are interested in going this way and are willing to have a go at building you own, I would suggest looking at monowall. Get on the forums and ask some questions.

Regards.

 

[NatB]

Just allowing HTTP port 80 from a particular IP should solve any problems..should they wish to use secure processing then you can always open up the port as needed rather than open by default.

Security tip is to close everything and only open what you need.