Peer to Peer Ports

[pup]

Does all peer to peer traffic use the same ports?or does it depend on what peer to peer software your using? any idea what the ports are of where i can find out?

[madasahatter]

Most p2p clients have their own default ports, but you can usually change it to virtually any port you want to use. You will ned to make sure that the port you choose is open on your firewall of course to allow the traffic in.

Not that I know what I'm talking about of course - I'd never use such things 

[pup]

Cheers mad, but i actually want to block the ports with my firewall!! i suppose i could block all ports except 80 and whatever email uses

[Simon]

Wouldn't the posts already be blocked by your firewall, unless you open them?  I'm slightly confused as to what you're trying to achieve.

[Rik]

Me too. 

[madasahatter]

All incoming traffic except certain default ports (such as 80, 25 and 110) are usually blocked on firewalls to start with pup. You would normally have to open ports to let the p2p traffic in 

Edit - what Simon and Rik said 

[Sebby]

Yep, as others have said, firewalls - hardware or software - require ports opening. Different P2P programs will use different ports.

[Dangerjunkie]

I think he's trying to block outgoing ports (not incoming) to try and stop people on his network using P2P apps.

Which firewall are you using? It's going to have to be something pretty heavy duty to allow outgoing connection control.

Cheers,
Paul.

[pup]

I think he's trying to block outgoing ports (not incoming) to try and stop people on his network using P2P apps.

Which firewall are you using? It's going to have to be something pretty heavy duty to allow outgoing connection control.

Cheers,
Paul.

Thats correct DJ.

Im using Sygate Personal Firewall Pro

[Simon]

I haven't used Sygate for years (isn't it Norton now?), but can you not lock it down so that only you can configure it?.  As we have said, the ports would be blocked by default, and would have to be opened by the P2P software, with user permission.  If the user didn't have that permission, they wouldn't be able to open the ports.  Sorry if that's not what you're getting at.   

[pup]

i think i can simon, its been a while since i played with sygate. it has been taken over by norton but i wouldnt touch norton with someone elses barge pole 

[somanyholes]

sygate was bought by norton, who then promptly discontinued it as it was a much better product than theirs. It is very much out of date now, but will provides some fairly decent protection except on the outbound connections front.

From what it sounds like so far you are trying to stop people using p2p on your pc, is this correct? Perhaps children or something along those lines.

There are a number of ways you can attempt to do this. Some of which may affect your ability to do certain things.


1. use www.opendns.com, and block p2p/filesharing websites, as far as I'm aware this would block your access to these sites also, although i'm sure with some tweaking there would be a way around this.

2. give the user/users limited accounts, so you uninstall any p2p software and then they will be unable to use p2p applications.

3. Have a look into whitelisting, you can allow or deny certain applications from running.

4. Do some googling for p2p blocking applications.

5. This is probably the way i would do it. Set a password for configurating sygate, set the p2p applications to blocked, when the user tries to use the p2p app they will have to provide the password to unblock the p2p application from running. (which of course you won't give them)

just my thoughts anyway.

I'm sure the peeps on here can think of a few more ways of doing it.

[pup]

Got it in one somanyholes   

cheers 

[Simon]

I think I would go with #5, if Sygate allows it.