I use Untangle... but we're a very small school (400 undergrads), so this won't be the best choice for everyone.
Again, I also don't run that policy for the population at large. I watch my logs a little extra close for the first week or three and move students to the policy group as needed. Joel Coehoorn Director of Information Technology 402.363.5603 *[email protected] <[email protected]>* The mission of York College is to transform lives through Christ-centered education and to equip students for lifelong service to God, family, and society On Wed, Oct 8, 2014 at 11:12 AM, Bob Williamson <[email protected]> wrote: > Joel, > > > > I am curious what you are using that triggers a throttle/tarpit when > Bittorent is detected. > > > > Thanks, > > Bob Williamson > Network Administrator > Annie Wright Schools | 827 N Tacoma Ave, Tacoma, WA 98403 | www.aw.org > D: 253.272.2216 | F: 253.572.3616 | [email protected] > > *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto: > [email protected]] *On Behalf Of *Coehoorn, Joel > *Sent:* Wednesday, October 8, 2014 8:22 AM > *To:* [email protected] > *Subject:* Re: [WIRELESS-LAN] Cisco WLC AVC- Blocking most, but not all, > Bittorrent- Anyone else seeing this? > > > > I've found that some Bittorrent clients just do. not. give. up. > > > > You block a torrent, the clients will try, try again, often changing > something in how they send the messages: route over https, exclude certain > peers, etc, and eventually they sometimes find a way around the block. > > > > What I've seen that's most effective in really defeating bittorrent is > throttling/tarpitting the user's traffic: not just bittorrent itself, but > *everything* originating from that internal IP. Send them back to the dial > up era. When the bittorrent traffic stops, their connection returns to > normal within a few minutes. > > > > Students in this situation have figured out pretty quickly that bittorrent > was causing their slowness issues. From the student's perspective, > bittorrent breaks their computer. The great thing here is that it really > does tend to follow that thought process, and the blames tends to be > assigned to the protocol or something wrong with their bittorrent > configuration, rather than with your network. At this point, the behavior > is self-correcting. If a student does complain, you point them to > bittorrent as a possible factor, and they'll get it soon it enough. > > > > There's some good news/bad news for this approach, though. The good news > is that you don't have to detect every packet from every torrent stream for > a student to have an effective block. The bad news is that some unwanted > traffic still does get through (though usually not enough to offend the > copyright gods), and that there is a risk for small false positives > creating slow connections for innocent users... especially when there are > some legitimate bittorrent uses such as research data, linux distributions, > game updates, etc. I tend to not apply this policy to the population at > large, but only to those who have already tripped a flag somewhere: log > first, find where your torrenters are, and apply the tarpit policy rule to > that group. > > > > > > > > > Joel Coehoorn > Director of Information Technology > 402.363.5603 > *[email protected] <[email protected]>* > > The mission of York College is to transform lives through > Christ-centered education and to equip students for lifelong service to > God, family, and society > > > > On Wed, Oct 8, 2014 at 8:54 AM, Lee H Badman <[email protected]> wrote: > > We recently started relying on the 5508 AVC capability to block > Bittorrent, which it seems to do fairly well. But… we are getting an > increasing number of take-down notices where Bittorrent was used to do > something, but drilling into the data in PI shows that nothing was detected > by the WLC for the activity that led to the take-down. In other words, the > system doesn’t see the Bittorrent activity. > > > > We have all three Bittorrent protocols in use > (Bittorrent/encrypted/network), and can tell that most Bittorrent is indeed > being blocked. But what is getting by is probably sufficient enough that we > may have to abandon the WLC P2P strategy and go back to an appliance. Has > anyone been through this, and found anything else to add to the profile to > help stem the Bittorrent? (We also have the obvious ones like eDonky, etc) > > > > Thanks- > > > > Lee > > > > Lee Badman > > Wireless/Network Architect > > ITS, Syracuse University > > 315.443.3003 > > (Blog: http://wirednot.wordpress.com) > > > > > > > > ********** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > > > > ********** Participation and subscription information for this EDUCAUSE > Constituent Group discussion list can be found at > http://www.educause.edu/groups/. > ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
