From: Seth Arnold (sarnoldwirex.com)
Date: Wed Oct 10 2001 - 12:58:15 CDT

    On Wed, Oct 10, 2001 at 11:30:36AM -0400, Chris Campbell wrote:
    > Here at my business we have a lot of users saying the "slow network"
    > cry that I am sure a lot of you have heard. Well, I installed the
    > newest ntop on a box and threw it out in the external network. I
    > found that a lot of users are using file sharing apps like
    > kazaa/aimster/gnutella. My question is, is there a good way to go
    > about doing something about this, like blocking the ports. I guess in
    > checkpoint I could just make a new rule, but I was wondering if anyone
    > else has come upon this situation.

    Rather than immediately resort to a technological solution, I'd suggest
    working with a sociological solution. I've heard one *very* effective
    way to cut down on unnecessary web surfing/file downloading/pr0n
    viewing was to post reports on who had the most traffic to which sites.

    Another method, perhaps less likely to run afoul of lawsuits, is just to
    let people know the network is slow as a direct result of this
    extraneous filesharing stuff. The users might self-regulate better.

    If you think it would be easier to outright kill all of it, your options
    are limited. Practically anything can be tunnelled through http, and if
    you allow only http out through your firewall, your users may end up
    frustrated and tunnel instead.

    You may also ask your firewall vendor if they support QoS; that would
    allow you to prioritize email and http traffic above the other traffic.

    And, you *can* lock down your firewall rules to disallow this traffic.
    If you own the network, it is in your right to disallow selected
    traffic. :)

    Cheers :)