Is it possible to block file sharing, like Kazaa, Morpheus, bittorrent and Limewire, with a router? I have a Netgear FVS338 router. It has url keyword blocking, but you are limited to 32 keywords, so you cannot block all of the most popular sites. A downside to this type of blocking is that the router does not distinguish between keywords in the domain itself and those in the rest of the url, which greatly increases the chance of inadvertant blocking. At least I can enter trusted domains.
Anyway, I block things like p2p, peer, kazaa, limewire, sourceforge, torrent, gnu, morpheus and grokster (gnu and sourceforge are blocked because there are a huge number of open source file sharing applications, many of which are hosted on sourceforge.net). Besides the 32 keyword limitation, I would guess that url keyword blocking would only help prevent people from downloading the program, searching for it in a search engine or visiting related sites with the keyword in the domains and web pages with the keyword in the url, and would not stop people from using the programs. Is there any way to stop them from using a file sharing application? I can also block proxies and ActiveX, and I can set inbound and outbound rules, if any of those will help in blocking file sharing.
I also have another router question. I have the option to “Enable DNS Proxy”. The router says, “Enable this to allow the incoming DNS queries.” I looked it up, but I could not figure out exactly what this would be used for.
That, I think, would be if you are running your own domain name server, and you’d most likely be doing that if you were hosting your own domain(or parts of it).
It used to be the case that you could block filesharing programs based on the ports they used, but that doesn’t work any more, as most of them can now be configured to use different ports, or even to keep trying different ones until something works.
There are other solutions, such as this, but perhaps you could post a few more details on the structure of the network you’re trying to protect? Is it a small business office LAN?
This is just for my house. I do not have my own domain or anything. There is me and just two other bedrooms with connections. I was hoping to find something that I could do with a router, since I cannot afford to keep a computer running 24/7. I’ve had severe problems with past roommates. Almost all of them (15 or so since I got a home network, I have a lot of turnover) have illegally downloaded at least some songs and movies. A few downloaded them constantly. One set his computer up to download 5 movies and then went to work, which basically killed the connection for the rest of us for the day. The movies are the worst since they are so big.
I have also gotten in trouble with my ISP and the RIAA. If they catch any more file sharing they threatened to shutoff my connection and sue me, respectively. I only escaped since it was my former roommates that had done it. It is not just that, though. If people are using my Internet connection for illegal purposes, I feel that it is my responsibility to try to stop them. That is why I bought an expensive router with these options. From the promotional stuff, I thought it would work better and easier for file sharing blocking than it does. It is really easy to set up, though, and it works very fast with the built in firewall and the keyword blocking I implemented.
I came across these file sharing block instructions for Cisco routers, so I was hoping that I could do the same kind of thing with my router. Does anyone know if the Cisco stuff would work? I could exchange my router for a Cisco one, if it will work.
As for blocking them Sourceforge, it is unlikely that they would use the programs based upon who the current roommates are, if the file sharing programs are discounted. I doubt they have any open source software with the possible exception of Firefox. Also, I am not blocking a whole bunch of people, so the chance of someone wanting something from there is small. Also, if they do want a program, I can unblock it temporarily.
It seems like it would be easier to just block everything except specific ports. You could tell it to allow outgoing connections on ports 80 (http), 110 (pop3), and whatever other ports you’re okay with. You’d have to write in rules for specific instant messengers and games and such, but you pretty much have to write a seperate rule for each file sharing program too if you allow connections by default. So you can have them ask to allow certain programs through instead of trying to guess which file sharing programs to block. There’s really no easy way to do it.
How about setting up a proxy server, and making everyone go through that? Block outgoing connections for everyone besides your server. That would help put the kibosh on file-sharing.
Snailboy, I think that the programs just search for what port is open.
Aestivalis, I would have to run a computer all the time for that, which I cannot afford.
Thanks for you help, everyone. I think I’ll either stick with the keyword blocking or get a Cisco router and follow their directions for blocking file sharing. The Netgear router has turned out to be disappointing, though. It does not even track the sites that people go to and it keeps alarming me about something (I cannot tell what) and the IP addresses all belong to the Internet Assigned Numbers Authority, which I doubt is trying to hack my computer. Maybe it is logging that instead of the sites that are visited. I would not recommend the router or brand to anyone.
The electric bill. Electricity is very expensive where I live, about twice the national average, and computers use a lot of power, although it can vary greatly by the brand and model. Also, the computer, router and cable modem are in my bedroom and I do not want to listen to the fan all of the time. Plus my room is very well insulated and it can get hot with all of the heat the computer and monitor put out. I do not have air conditioning and the fan and window do not work very well on expelling the heat. It would be easier and less expensive to go with the Cisco router.