So what sort of hardware do I need to block P2P traffic as completely as possible? i.e. more than blocking ports, putting the brakes on people downloading crazy data.It's in a motel situation, and I need to do work, whereas the proprietors are concerned about copyright infringement. I have the technical skills to be able to set a system up, but I'm no network engineer, so would appreciate any input.
Or you could put a smoothwall or other firewall pc or even install it on a rasppi and place it between the router and wan link/internet link.
The Problem:It is simply not possible to rely on port numbers in order to determine what applications are running on a network. Standard applications can run on non-standard ports, malicious or bandwidth hungry applications can run on random ports or standard ports pretending to be another application, and some applications spawn child connections on random ports. Making network infrastructure decisions or enforcing Quality of Service becomes impossible without knowing exactly what’s running on the network.Exinda Layer 7 Discovery:Exinda uses L7 signatures in conjunction with advanced pattern matching technology and proprietary connection analysis technology to discover applications at layer 7. The L7 discovery system provides the following benefits.Discovery of applications running on non-standard ports (e.g. HTTP over ports other than 80).Discovery of applications using seemingly random ports (e.g. P2P).Discovery of applications pretending to be another application by deliberately using standard ports (e.g. P2P, steaming, IM over HTTP, port 80).Discovery of applications that spawn child connections on random ports (e.g. FTP, SIP).Discovery of applications that are fully encrypted like BitTorrent and Skype
