Detecting and preventing peer-to-peer connections by Linux iptables
Most of companies use Linux iptables as their edge networks’ firewall. Although Linux iptables is a reputed secure stateful packet filter firewall package, it has some weaknesses. This package can not detect or control all peer-to-peer connections. One of the packages which is written for Linux ipta...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: |
IEEE
2008
|
| Online Access: | http://psasir.upm.edu.my/id/eprint/2686/1/Detecting%20and%20preventing%20peer-to-peer%20connections%20by%20Linux%20iptables.pdf http://psasir.upm.edu.my/id/eprint/2686/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Universiti Putra Malaysia |
| Language: | English |
| Summary: | Most of companies use Linux iptables as their edge networks’ firewall. Although Linux iptables is a reputed secure stateful packet filter firewall package, it has some weaknesses. This package can not detect or control all peer-to-peer connections. One of the packages which is written for Linux iptables to manage peer-to-peer connections is layer 7-module. This module can not detect all peer-to-peer connections and drop them. Some peer-to-peer connections which use HTTP port for connecting to other peers are detected with this netfilter’s patch-o-matic but those which use static ports or dynamic ports for connecting to peers can not be detected with this module. For controlling peer-to-peer connections investigator blocked some peer-to-peer well known static ports with Linux iptables and then, for increasing the control of other peer-to-peer applications which used dynamic ports, he used QOS rules. Although this trend could drop most of peer-to-peer connections and save internet bandwidth, it was not the complete solution. He decided to control peer-to-peer connections by implementing a new module which checks peer-to-peer payloads in his next investigation. |
|---|