Find your solution!

LisaKimBryant · 21-Aug-2008, 07:15 PM #1

I received a letter from my ISP, stating they received a letter from the MPAA, stating that a computer in my network shared an ipod movie on July 31, 2008, using gnutella, via port 48026. I have tested my router's security and that port is not open. My ISP cannot give me a mac address, and I have a call in to the MPAA. I'm taking this seriously because my ISP will terminate my service if they receive three notices total.

My problem is I have a client-client network of about 40 computers, and then some staff members will also bring in their personal laptop to connect to our network. Very difficult for me to pinpoint who the culprit computer belongs to.

We do have a policy of no peer-to-peer filesharing, but someone's computer might be inadvertently sharing a file. Is there a way to disallow p2p filesharing from the router? We use a Linksys WRT54G, but I'm thinking of switching to a DLink DIR-615.

Thank you.

LisaKimBryant · 21-Aug-2008, 10:37 PM #2

Or, how about software that I can use to monitor network activity?

lunarlander · 21-Aug-2008, 10:44 PM #3

The port does not have to be open/forwarded for p2p filesharing to work.

Yes, there are hardware firewalls like the CheckPoint Safe@Office which can forbid p2p protocols.

To sniff all network traffic, you need a switch with a SPAN/mirror port which sees all traffic in the LAN.

Billyd65 · 22-Aug-2008, 07:30 PM #4

I presume you are the owner of a small business, so I am proceeding on that premise. First, due to the nature of how a router works, unless you specifically allow it, your ISP will not be able to tell you the MAC address of the offending system.

On to solving your problem:

First, make sure that you are using the security features built in to your router.
WEP at the minimum with 128 bit encryption strength. WPA is better.
Utilize MAC filtering. This will help prevent someone from outside your organization utilizing your connection. Also, turn on logging and have the log sent to your machine. A useful utility for viewing the logs is Syslog from Kiwi. This will permit you to see which machines are doing what.

I would also suggest that you turn off DHCP and assign a static IP to each system that is authorized access to your network. Next, were I you, I would severely limit the number of personal laptops permitted onto the network.

Tag Cloud
access audio blue screen boot bsod connection crash dell desktop driver dvd email error excel excel 2003 firefox hard drive hardware hijackthis internet keyboard laptop malware monitor motherboard network networking outlook problem processor ram recovery router screen slow sound spyware tdlwsp.dll trojan upgrade vba video virus vista vundo windows windows 7 windows vista windows xp wireless

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Search
Search for: