Blog Home  Home Feed your aggregator (RSS 2.0)  
IMFirewall Blog - Tuesday, January 08, 2008
Block Internet Access,Block P2P,Web Filtering
 
Archive
<January 2008>
SunMonTueWedThuFriSat
303112345
6789101112
13141516171819
20212223242526
272829303112
3456789
February, 2012 (1)
November, 2011 (1)
October, 2011 (1)
September, 2011 (1)
June, 2011 (1)
April, 2011 (2)
March, 2011 (1)
January, 2011 (1)
December, 2010 (5)
November, 2010 (2)
October, 2010 (3)
September, 2010 (4)
August, 2010 (3)
July, 2010 (1)
June, 2010 (1)
May, 2010 (2)
April, 2010 (3)
March, 2010 (1)
January, 2010 (4)
December, 2009 (4)
November, 2009 (5)
October, 2009 (1)
September, 2009 (1)
August, 2009 (4)
July, 2009 (1)
April, 2009 (1)
January, 2009 (1)
December, 2008 (1)
May, 2008 (1)
April, 2008 (2)
January, 2008 (1)
July, 2007 (3)
June, 2007 (6)
May, 2007 (4)
July, 2005 (1)
Navigation
Business Web Filtering
Online Marketing
IMFirewall Forum
P2P Blocker
Business Internet Filtering
Business Internet Monitoring
Business Email Monitoring
Block Internet Access
Monitor Employees
Home
Categories
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Blogroll
 blogcatalog
Contact
Send mail to the author(s) Email Me

Disclaimer
The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.

Sign In
# Tuesday, January 08, 2008
IMFirewall P2P Classify Engine Introduction by Administrator

IMFirewall P2P Classify Engine Introduction

1    Introduction

IMFirewall Software is a professional Internet filtering software provider. We focus on Internet information security and providing customers with a comprehensive approach to manage the Internet usage of enterprise network since founded in 2004. By 2007-10, protocols number supported in our pattern database has reached over 90. And our pattern analysis team is monitoring and analyzing protocols everyday.

2       Supported Pattern Type

Three pattern types are supported:

1.      Signature Pattern

You may call it digit signature. As most p2p programs do not has a fix port range nor central servers. The only way to match them is by signature match. IMFirewall pattern matching engine scans every connection for signature of existing protocols..

2.      Port Pattern

IMFirewall pattern matching engine can also recognize protocols by port or port range.

3.      HTTP Pattern

Because more and more protocols are using HTTP protocol or HTTP tunnel to communicate, our pattern-matching engine also checks http mime-header for signatures. HTTP pattern is powerful to recognize http-based protocols.

3       Pattern Matching Speed

We test the speed of each pattern when new pattern found, the standard speed is 20,000 matches in 1 second.

4       Quick Response for New (Updated) Protocols

As protocols may vary from time to time, it is necessary to keep the pattern database up to date in time.

We have a protocol/programs monitoring system, which will monitor the website and files on official websites of each protocol. Once there is a change, the system will notify our protocol analysis team to test it.

This makes us a quick response for new (updated) protocols. Usually, a updated protocol can be added to our pattern database in 2-3 business days.

 

Links: Supported protocols list of WFilter

 

Tuesday, January 08, 2008 11:54:34 AM (GMT Standard Time, UTC+00:00)    Block Messenger | Block P2P | Content Filter  |   |  Trackback
# Friday, July 20, 2007
How to Block Bittorrent and bitcomet using WFilter by Administrator

Someone told me WFilter can not block bittorrent downloading. So I did some research yesterday.

I downloaded both bittorrent and bitcomet from their official website. I also downloaded an availble torrent file from bittorrent.com.

Turning "Block P2P" on in WFilter console, then use bitcomet to download, the download never begined. However, when I use bittorrent to download, it will start downloading after trying for a few seconds.

This is really interesting. Since WFilter can detect and block bittorrent traffic using pattern match, this should not happen. So what's the reason? After detailed analysis of the network traffic, I found bittorrent also download data directly from bittorrent.com using http protocol. That means bittorrent not only use p2p downloading, but also can download files directly from the website.

Knowing that, I added "bittorrent.com" in the black list of wfilter's website black&white list, then did the download again. Aha, bittorrent never be able to download any files.

 

 

Friday, July 20, 2007 10:38:55 AM (GMT Daylight Time, UTC+01:00)    Block P2P  |   |  Trackback
# Sunday, July 08, 2007
WFilter configuration examples. by Bruce Geng

Here we've added some configuration examples of wfilter:

# Title Description
1
 Website Black/white List Configuration Example of website black and white list configuration.
2
 Email Black/White List Configuration Example of email black and white list configuration.
3
 ID based Black/White List Configuration Example of ID based black and white list configuration.
4
 Example of Blocking QQ Examples of blocking QQ, blocking QQ file transfer and QQ id black&white list configuration.
5
 Example of Blocking MSN Examples of blocking MSN, blocking MSN file transfer and MSN id black&white list configuration.
Sunday, July 08, 2007 9:25:58 AM (GMT Daylight Time, UTC+01:00)    Content Filter  |   |  Trackback
WFilter deployment examples. by Bruce Geng

We've added some wfilter deployment examples in pratice.

# Title Description
1
 Deploy WFilter using Dlink2366 Using Dlink2366 port mirror switch to deploy WFilter.
2
 Deploy WFilter using Quidway S5012p Using Huawei QuidwayS5012p to deploy WFilter.
3
 Wireless Network Monitoring Example Example of wireless network monitoring
4
 Deploy WFilter using cisco 2950 Example of deploy WFilter using cisco 2950 with ISA Server.

Sunday, July 08, 2007 9:24:44 AM (GMT Daylight Time, UTC+01:00)    Deployment  |   |  Trackback
# Friday, June 29, 2007
How to block msn file transfer? by Administrator

MSN, also called as live messenger is widely used. Windows Live Messenger gives you brilliant ways to connect and share your photos (and other stuff). Contact lists, emoticons, instant access to your friends.

However, sending and receiving files using MSN will face some security risk. External users can send files that might contain viruses or malicious code to users on the internal network. In addition, a liability risk arises if employees use the file transfer feature to share copyrighted music, movie or software files in violation of the law.

How to block msn file transfer?

MSN transfers files using dynamic ports which are negotiated. So it is impossilbe to block msn file transfer ports.

WFilter provides a efficient way to block msn file transfer. By using WFilter, It is very easy for you to detect and block MSN file transfers.

A more detailed example can be found here:

Example of blocking msn

Friday, June 29, 2007 9:42:01 AM (GMT Daylight Time, UTC+01:00)    Block P2P | Block Messenger  |   |  Trackback
# Thursday, June 28, 2007
How to block P2P traffic using WFilter by Administrator

A pure peer-to-peer network does not have the notion of clients or servers, but only equal peer nodes that simultaneously function as both "clients" and "servers" to the other nodes on the network. This model of network arrangement differs from the client-server model where communication is usually to and from a central server.

Some networks and channels such as Napster, OpenNAP and IRC server channels use a client-server structure for some tasks (e.g. searching) and a peer-to-peer structure for others. Networks such as Gnutella use a peer-to-peer structure for all purposes, and are sometimes referred to as true peer-to-peer networks, although Gnutella is greatly facilitated by directory servers that inform peers of the network addresses of other peers.

As you can see from above, a peer-to-peer network is complex and it is almost impossible for you to block p2p in the router or the gateway.

WFilter provides a efficient way to block p2p traffic by signature match. By using WFilter, It is very easy for you to detect and block p2p traffic and file downloading.

WFilter related features:

  • Detect p2p traffic in your network.
  • Implement a policy to block certain p2p traffic.
  • Support over 30 p2p protocols, cover most common p2p softwares.
  • Define a file extension list forbidden from being download.

 

Thursday, June 28, 2007 2:01:12 PM (GMT Daylight Time, UTC+01:00)    Block P2P | How to block p2p  |   |  Trackback
Copyright © 2012 IMFirewall Software. All rights reserved.
DasBlog 'Portal' theme by Johnny Hughes.
Pick a theme: