On Mon, 18 Sep 2000, Stewart Dean wrote:
> How do you track bandwidth abusers at the firewall? Can you identify
Typically, in the past I've used network sniffers to track traffic from
each address. Internally you can probably use QoS to limit the
effectiveness of the abuse.
> locations heavily used by abusers? What tactics have you come up with to deal
> with Gnutella and Scour?
The "tunnel anything over anything that can get through the firewall"-type
programs have increasingly become a poicy and administration headache. If
you can't get users to abide by policy, then technical solutions aren't
going to be any fun. You might look at blocking sites that high-bandwidth
abusers go to for periods of time, though it's not going to be 100%
effective, it may be "good enough." With proxies you might be able to
block more native protocols, though I'd expect a school to be full of
special exceptions that make it difficult to lock down (or empty of
students which is a worse result.)
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
PSB#9280
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
