[geeks] P2P Monitoring / Mitigation

Geoffrey S. Mendelson gsm at mendelson.com
Tue Mar 25 10:55:07 CDT 2008


On Tue, Mar 25, 2008 at 11:19:26AM -0400, Bill Blum wrote:
> I work for a small liberal arts college, and we're getting *hammered*
> bandwidth-wise by students in the dorms with P2P.
> 
> Our problem:   We have minimal budget, and we only have two staffers who
> deal full time with admin/networking issues.
> 
> Anyone have suggestions for mitigation strategies aside from Cisco Clean
> Access or equivalents?


It depends upon how sophisticated your P2P users are. Blocking ports used
by eMule, and the standard bittorrent port work for people who do not
use clients that support changing ports or encryption.

There are several ways to control the smarter ones too.

1. Don't allow the computers in the dorm to access the Internet.
   You can provide them web access via a caching proxy such as
   apache or squid. 

   The easiest way is to keep them on their own hardware segment
   without a gateway. :-)

2. QOS them to death. If you QOS packets over 100 bytes to 1k
   per second for the entire dorms, you pretty much kill p2p.

   If they access the web via a proxy, this won't affect them.

   It still allows tcp ack packets, traceroute, ping and VoIP
   to go through unimpeded.

These can be implemented quickly with a single Linux system.

Geoff.

-- 
Geoffrey S. Mendelson, Jerusalem, Israel gsm at mendelson.com  N3OWJ/4X1GM
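
The QoS approach from item 2 of the message above, as an added example that is not part of the original post: a script for a single Linux router that marks forwarded dorm packets longer than 100 bytes and puts them in one shared 1 KB/s HTB class. The subnet, interface names, mark value, and the reading of "1k per second" as 1 kilobyte per second are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Prints the rules as a dry run;
# set APPLY=1 and run as root on the router to install them.
# Assumed values: subnet, interface names and mark are placeholders.
DORM_NET="${DORM_NET:-10.20.0.0/16}"   # constructed sample dorm subnet
DORM_IF="${DORM_IF:-eth1}"             # dorm-facing interface (assumed)
WAN_IF="${WAN_IF:-eth0}"               # upstream interface (assumed)
MIN_LEN=101                            # "packets over 100 bytes"
RATE="8kbit"                           # 1 kilobyte/s, shared by all dorms
MARK=10                                # arbitrary firewall mark

dorm_qos_rules() {
    # Mark only FORWARDed dorm traffic, in both directions. Traffic to a
    # proxy running on this box uses INPUT/OUTPUT and is left unmarked
    # (assumes the proxy is local to the router).
    for dir in -s -d; do
        echo "iptables -t mangle -A FORWARD $dir $DORM_NET -m length --length $MIN_LEN:65535 -j MARK --set-mark $MARK"
    done
    # One throttled HTB class per egress interface. No default class is
    # set, so unmarked packets (ACKs, ping, small VoIP frames) bypass it.
    for dev in "$DORM_IF" "$WAN_IF"; do
        echo "tc qdisc add dev $dev root handle 1: htb"
        echo "tc class add dev $dev parent 1: classid 1:10 htb rate $RATE ceil $RATE"
        echo "tc filter add dev $dev parent 1: protocol ip handle $MARK fw flowid 1:10"
    done
}

apply_or_print() {
    if [ "${APPLY:-0}" = "1" ]; then
        # Run each generated command; stop at the first failure.
        dorm_qos_rules | while read -r cmd; do $cmd || exit 1; done
    else
        dorm_qos_rules
    fi
}

apply_or_print
```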


