Category Archives: Block P2P

Three ways to block torrent traffic in your network.

Torrent downloading is annoying and can consume most of your bandwidth, so you might want to block torrent in your network. There are several ways to block torrent in your network. While in this post, I will introduce three solutions to block torrent(bittorrent, utorrent, qtorrent) with WFilter internet content filter and WFilter NG firewall.

Please be aware that “WFilter internet content filter(ICF)” and “WFilter NG firewall(NGF)” are total different products. WFilter ICF is a windows program, which is designed for pass-by deployment on a mirroring port. While WFilter NGF is a dedicated linux firewall system.

1. Block torrent with WFilter ICF

passby_router_topology.png

As you can see in the diagram, the WFilter internet content filter(ICF) shall be connected to a mirroring port in your router or switch. So it can analysis network packets and deploy internet access policies. Steps to block torrent with WFilter ICF:

blocktorrent01 blocktorrent02 blocktorrent03

2. Block torrent with WFilter NGF as a network bridge.

Network topology diagram:

Ros guide bridge.png

WFilter NGF acts as a network bridge, sitting between your router and switch. So it can filter internet traffic.

3. Block torrent with WFilter NGF as a network gateway.

Network topology diagram:

Ros guide gateway.png

In this topology, WFilter NGF acts as the gateway of your network to deploy internet access policies. Please be aware that you can install WFilter NGF in a virtual machine to act as a virtual gateway, here is a guide: Using a pre-built VMWare image of WFilter NG Firewall

You can setup “application control” policies to block torrent with below steps:

block_torrent1 block_torrent2 block_torrent3

 

When deployed and configured properly, both WFilter ICF and WFilter NGF can block torrent completely. All torrent clients will have zero uploading and downloading speed.

utorrent_4 block_torrent04[1][2] after.

 

WFilter ICF homepage: WFilter Internet Content Filter

WFilter NG homepage: WFilter NG firewall

WFilter videos: WFilter Videos

 

 

How to block torrent in lan with WFilter NG Firewall?

Torrent downloading can consume most of your bandwidth. It’s rather annoying for IT administrators.

With WFilter NG Firewall, you can detect torrent traffic, block torrent downloading and get bandwidth report of torrent traffic.

In this post, I will demonstrate the steps to block torrent in LAN network with WFilter NG Firewall. Please note that WFilter block torrent by protocol matching. So once you block bittorrent in WFilter, all other torrent clients, including bittorrent, utorrent, qtorrent will all be blocked.

1. New a blocking policy in “App Control”.block_torrent1

 

2. Name it “block torrent”, set “bittorrent” to “deny”.block_torrent2

block_torrent3

 

3. Torrent clients being blocked.

utorrent_4

block_torrent04[1][2]

after.

 

Please note that all WFilter products can block torrent in Lan network. You may check other topics:

How to block utorrent downloading with WFilter 4.1?

How to block torrent downloading with WFilter free?

How to block BitTorrent traffic in your network?

How to block torrent downloading with WFilter free?

From version 1.0.171, WFilter free is able to block bittorrent traffic on network. In this guide, I will demonstrate you to block torrent downloading with WFilter free edition.

1. New a “block torrent” policy

2. Define ip ranges to be blocked.

Apply the “block torrent” policy to client ip ranges.

3. Check “Blocking Logs” .

Check WFilter’s blocking history logs, you will be able to see events of torrent blocked.

4. Check bittorrent program.

Bittorrent download speed will be zero when blocked.

WFilter 4.0 is coming.

WFilter 4.0 version will be released soon after nearly two years development.


The new version made a lot improvement and optimization of current features. Also a series of new features are added, such as “WFilter Dashboard”, “Central Management of WFilter servers”, “WFilter Local Account”, “Multi-adapter Monitoring”, and several new alert types. Below is a brief introduction to these new features:


1. WFilter Dashboard


WFilter Dashboard allow you to check the monitoring status, log storage status, system warnings from a central dashboard.



2. WFilter Servers Management


This feature enables you to manage several WFilter servers from a central localtion.



3. Default IP Policy


The “Default IP Policy” feature enables you to set different policies to different ip ranges, when a new computer found it’s default ip policy will be applied.



4. Search of Network Computers


You can use the “Search Computers” feature to search computers in your network. It’s more convenient than the passive computer finding in the old version.



5. More Alert Types


More alert types are added: disk space alert, new computer alert, ip address changing alert…



6. More Powerful Account Monitoring


WFilter’s “account monitoring” feature can integrate WFilter with your active directory. So you can deploy monitoring based on user accounts. The new version added “WFilter local accounts” feature. When you don’t have an available active directory, you also can use “WFilter local account” feature to monitor/filter by user accounts.


6.1 Integrate Active Directory





6.2 WFilter local account



7. Multi-adapters Monitoring


WFilter 4.0 can support monitoring on multiple adapters to support complicated networkings.


How to block BBC online video with WFilter?

One customer reported that BBC online video can not be blocked by WFilter, even “Block Online HTTP Video and Downloading of Video Files” is checked in certain blocking levels.
So we did some research and found, other than HTTP protocol, the BBC websites also use the RTMP (Real Time Messaging Protocol) to play online video.
Because blocking of RTMP is not supported by default in WFilter(will be added soon), this tutorial will guide you to block BBC online video by the “Customize Protocols” feature of WFilter.

First, Add a new protocol named “RTMP”.


1. Protocol Settings:
Protocol Name: RTMP
Protocol Desc: Real Time Messaging
Protocol Type: Streaming

2. Pattern1
Name: RTMP_HTTP
Desc: RTMP_HTTP
Type: HTTP SEND
Offset: 0
Format: User-Agent
Content: Shockwave\sFlash

3. Pattern2
Name: RTMP
Desc: RTMP
Type: TCP_SEND
Offset: 0
Begin Byte: 03
Format: 0
Content: \x03[\x00-\xff]{4}\x80\x00

Second, Enable blocking of RTMP in certain blocking levels.

Now, BBC videos will be successfully blocked.

Related Topic: How to block bbc iplayer?

How to restrict employees internet access on your network?

Internet can be a benefit to business when used properly, but internet
is often abused by employees and poses significant liability and
security risks. Used
improperly, the Internet can subject every organization to harassment claims,
countless hours of lost productivity and innumerable security leaks and
vulnerabilities.

Several important risks caused by improper internet usage:
1. Virus Infection
2. Lost Productivity
3. Legal liability
4. Bandwidth consumer

So it is necessary for you to restrict employees internet access on your network.

To achieve this goal,  first you need an internet access policy, which should be able to:

1. Clarify what constitutes acceptable use of Internet services.
2. Ensure employees understand who to contact with questions regarding acceptable use.
3. Ensure employees understand the penalties that arise from Internet misuse.
4. Help lessen an organization’s spyware and virus infestation rates.
5. Provide human resources with signed documentation from each employee stating a pledge not to improperly use Internet services.
6. Help mitigate productivity losses.
7. Decrease dependence upon technology solutions used to enforce employee behavior.
8. Reduce the organization’s liability resulting from harassment claims, copyright violations originating onsite and other illegal acts.

You also need an internet filtering product to assure your internet policy. Let’s take “WFilter Enterprise” as an example, it enables you to monitor and filter internet access for all computers from a mirroring port of your switch. You only need to install WFilter in one computer to monitor the whole network.

Key Features:

  • Keep a detailed record of each web surfing and web posting.
  • Record all incoming and outgoing email content and attachment.
  • Monitor and archive instance messengers chat contents and activities.
  • Monitor and archive files transferred by web, ftp and IM tools.
  • Implement a policy to filter internet access during working hours.
  • Websites, messengers and p2p file downloading can be blocked to save bandwidth and raise productivity.
  • You only need to install WFilter in ONE computer to manage your whole network.

http://www.imfirewall.us

How to block google talk and gmail chat on company network?

Google Talk (GTalk) is a free Windows and web-based application for instant messaging and voice over internet protocol (VOIP), offered by Google Inc. You may use “Google Talk” to send instant messages, transfer files, make PC-to-PC calls and audio conferencing.

However, sometimes you may want to block usage of google talk on company network. This tutorial will guide you to block google talk using WFilter.

Though instant messaging between the Google Talk servers and its clients uses an open protocol XMPP, it is more complicated and flexible than XMPP.
Google talk uses several ports to connect to its server:

1). Using Jabber standard tcp port 5222.
2). Using TLS port 443.
3). Using web chatting on port 80 in gmail.

So you can not block Google talk by simply blocking Jabber standard port. WFilter makes it simple to block google talk. Google talk connections can be identified and blocked by signature matching.

The below examples demonstrates blocking of google talk.

1. Blocking of Google talk and gmail chat

Set a blocking policy in WFilter to block jabber and google talk:

Blocked Google talk:

2. Block file transfer of Google talk

You also can block file transfer of Google Talk in WFilter. This will block file transfer of google talk without blocking of normal google talk text messaging.

More information, please check “WFilter Enterprise”.
Other related links:
How to block internet downloading?
How to monitor internet usage on company network?
Internet monitoring software for business
How to filter web surfing?
How to block websites and restrict internet access?
How to Block Bittorrent and bitcomet?
How to block msn file transfer?
How to block certain websites to save your productivity?
How to block AIM using WFilter?

How to block bbc iplayer on company network?

BBC iPlayer (formerly known as Integrated Media Player (iMP), Interactive Media Player, and MyBBCPlayer) is an internet television service, P2P, cable television, and several mobile devices developed by the BBC to extend its existing RealPlayer-based “Radio Player” and other streamed video clip content.

As online iPlayer may consume much internet bandwidth, this tutorial will guide you to block BBC iPlayer using WFilter. We suppose WFilter is already properly installed and is capable of monitoring/blocking other computers, if not, please read How to monitor internet usage on company network first.

WFilter’s “website black list” is based on website domains, so we can not use “website black list” to block iPlayer, since iPlayer is a subfolder of www.bbc.co.uk without a individual domain. However, we still can use “URL Keywords Filtering” feature to block url with certain keywords.

The below example demonstrates blocking of url with keyword “iplayer”.

1. Create a blocking policy, and enable “URL Keywords Filtering”.


2. Choose “Streaming Media” category and click the edit icon to edit its keywords list.


Please notice: WFilter already has some default keywords(the default
keywords are hidden). For example, “video” is already included in the
“Streaming Media” category. If you only want to block “iplayer”, you can add a new category in “Category Settings”->”Customize Categories” of WFilter.

In this example, we need to add “iplayer” to the keywords list:

3. Apply this blocking policy to certain computers.

4. By now, urls with keywords “iplayer” will be blocked.

More information, please check “WFilter Enterprise”.
Other related links:
How to block internet downloading?
How to monitor internet usage on company network?
Internet monitoring software for business
How to filter web surfing?
How to block websites and restrict internet access?
How to Block Bittorrent and bitcomet?
How to block msn file transfer?
How to block certain websites to save your productivity?
How to block AIM using WFilter?

How to block internet downloading?

  Unmanaged internet downloading can consume most of your bandwidth, In practice, many, often most, of the files shared on peer-to-peer
networks are copies of copyrighted popular music and movies. 

  So, it is important for corporations to manage, control and block p2p traffic and block unwanted file downloading.

  Files can be downloaded via various ways as described below:

  1. Downloading from HTTP/FTP websites.

  2. Downloading from p2p networks.

  3. Downloading from instant messenger buddies.

  For security purpose, downloading from p2p networks shall be completely forbidden in company networks. And only HTTP/FTP downloading from trusted websites can be allowed.

  Instant messenger file transfer makes it convenient to share files with our friends. It is fast and secure. However, because IM is so popular, virus writers can use it to spread malicious programs. These viruses are spread, in most cases, when a person clicks a link or opens an infected file that was sent in an instant message that appeared to come from a friend. Therefore, messenger file transfer also put your network in danger.

  “WFilter Enterprise”  makes it simple to manage file transfers between local network and the internet. Using WFilter, you may:

  1. Limit file downloading size.

  2. Block web downloading by file type.

  3. Block web downloading by content type. (Mime type)

  4. Block p2p traffic.

  5. Block file transfer via messengers.

  Figures:

 

Other related links:
How to monitor internet bandwidth?
Internet blocking
How to filter web surfing?
How to monitor internet usage on company network?
Internet monitoring software for business
Internet monitoring software

Internet monitoring software for business

  Unmanaged internet access is harmful to your business.
  Without proper internet monitoring and filtering, you may suffer from:
  1. Lower productivity. Your employees might take hours for web surfing, chatting and watching videos.
  2. Slow internet speed. P2P programs or IPTV programs can easily consume most of your bandwidth. So normal business will not have enough available bandwidth.
  3. Unmanaged downloading will bring virus, worms and spyware, which is harmful to your network.
  4. Leaking of business documents and materials.

  Therefore, it is important for you to monitor and manage employees internet activity. This guide will introduce you several aspects of deployment and usage of internet monitoring and filtering software. Please be aware that I am only going to talk about internet access monitoring, which does not include screen monitoring, USB forbiding and keystroke recording. The latter requires you to install a client agent in every computer. And internet monitoring only needs to be installed near the internet entrance.

How to deploy internet monitoring software?

  Though internet monitoring only needs to be installed near internet entrance, it is quite different for different network topologies.
  For “Router<->Switch<->Computers” networks, you need to setup a mirroring port in the switch to enable monitoring. If you are using ISA or wingate proxy server, you can do monitoring right in the proxy server.

How to monitor internet bandwidth?

  Upon properly deployed, you can easily monitor internet bandwidth and activities using internet monitoring software.
  Below let me take “WFilter Enterprise” as an example:
 
  Use WFilter’s “Active Connections” feature, you can have a clear view of all connections in your network.

Connections of a particular computer, you can kill established connections if you want.

For more details about “monitor internet bandwidth”, please refer to: How to monitor internet bandwidth?

How to monitor internet usage?

In “Online computers” of WFilter, click the numbers under each title to view detailed records.

How to block downloading?

To save bandwidth, inproper downloading shall be blocked. The below figure shows blocking of large size files and blocking by video files.

Blocking of video files.

For more details, please refer to “How to block downloading?”.