
Step 3: The "block the nexus" approach: P2P

In the wrong hands, IM and P2P file sharing can be too much of a risk for your organization. There are many ways to block this traffic, but some are more elegant -- with fewer adverse effects -- than others. Contributor Serdar Yegulalp details this process in this step-by-step guide.

With peer-to-peer file-sharing clients, blocking central servers isn't as effective as it is for IM. Many P2P clients no longer use a central server. Instead, they keep a round-robin cache of the last known good peers and try to connect to them in turn. If the local cache is exhausted, they can connect with a cache on the Web to obtain a fresh list of peers. Clients that use the Gnutella network mechanism (eMule, eDonkey, LimeWire, etc.) work this way.

BitTorrent, the increasingly popular peer-to-peer file-sharing and download-acceleration system, uses a combination of approaches. A central server, known as a torrent server or torrent host, stores a list of available clients from which a given file can be downloaded. The actual file is downloaded from multiple peers at once to speed things up. Because of this decentralized approach, BitTorrent (BT) has become very popular in illegal file-sharing circles -- no one server ever hosts a copy of the file, so any legal responsibility is diffused. However, BitTorrent is also now used as a legitimate file-distribution system by many companies. Many Linux distributions, for instance, are available as torrents to keep mirror servers from being overloaded -- so it may not be fair to block BT.

If you're hesitant to block BT entirely, one step you can take to prevent BT abuse is to block access to torrent-hosting sites that you suspect are of questionable legality. Such sites can be blocked easily through a firewall or other access-control mechanism. This way, you won't stop legitimate BitTorrent use -- although you may want to throttle the amount of traffic (i.e., bandwidth) that an individual client can use on the ports BitTorrent uses most often. The most commonly used TCP ports for BitTorrent, 6881-6999, should be restricted by total bandwidth per user rather than by number of open connections, since BT opens many inbound connections (usually 2 to 4 per file) by design.
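The per-user bandwidth rule above, shown as an added example that is not part of the original article: this Python sketch totals bytes per internal host on TCP ports 6881-6999 from flow records and flags hosts that exceed a budget, regardless of how many connections they hold. The flow-record format, the 10.0.0.0/8 internal range, the 60-second window, the 50,000 bytes/s cap and all sample records are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

BT_PORTS = range(6881, 7000)                   # TCP 6881-6999, the range named in the article
INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumed internal address space
WINDOW_SECONDS = 60                            # assumed length of the sample window
CAP_BYTES_PER_SEC = 50_000                     # assumed per-user budget

# Constructed flow records for one 60-second window.
# Assumed format: proto src_ip:src_port dst_ip:dst_port bytes
SAMPLE_FLOWS = """\
tcp 198.51.100.7:51000 10.0.0.21:6881 200000
tcp 198.51.100.8:51001 10.0.0.21:6881 200000
tcp 198.51.100.9:51002 10.0.0.21:6882 200000
tcp 203.0.113.4:51003 10.0.0.21:6882 200000
tcp 203.0.113.50:40100 10.0.0.35:6890 3000000
tcp 203.0.113.51:40101 10.0.0.35:6890 3000000
tcp 10.0.0.21:52000 203.0.113.9:443 9000000
"""

def parse_flow(line):
    proto, src, dst, nbytes = line.split()
    src_ip, src_port = src.rsplit(":", 1)
    dst_ip, dst_port = dst.rsplit(":", 1)
    return proto, src_ip, int(src_port), dst_ip, int(dst_port), int(nbytes)

def usage_by_host(flow_text):
    """Return {internal_ip: [connection_count, total_bytes]} for TCP flows on BT ports."""
    usage = defaultdict(lambda: [0, 0])
    for line in flow_text.splitlines():
        if not line.strip():
            continue
        proto, src_ip, sport, dst_ip, dport, nbytes = parse_flow(line)
        if proto != "tcp" or not (sport in BT_PORTS or dport in BT_PORTS):
            continue  # traffic outside the BitTorrent port range is not counted
        for ip in (src_ip, dst_ip):
            if ipaddress.ip_address(ip) in INTERNAL:
                usage[ip][0] += 1
                usage[ip][1] += nbytes
    return dict(usage)

def hosts_over_cap(flow_text):
    """Flag hosts by average bytes per second, not by open connections."""
    return sorted(ip for ip, (_, total) in usage_by_host(flow_text).items()
                  if total / WINDOW_SECONDS > CAP_BYTES_PER_SEC)

if __name__ == "__main__":
    for ip, (conns, total) in usage_by_host(SAMPLE_FLOWS).items():
        print(ip, conns, "connections", total // WINDOW_SECONDS, "bytes/s")
    print("over cap:", hosts_over_cap(SAMPLE_FLOWS))
```

In the sample, the host with four connections stays under the cap while the host with only two exceeds it, which is why a connection-count limit would flag the wrong client.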


    Serdar Yegulalp is editor of the Windows Power Users Newsletter. Check it out for the latest advice and musings on the world of Windows network administrators -- and please share your thoughts as well!

    Copyright 2005 TechTarget
