So as not to affect normal business, the enterprise network administrator needs to close as many of the ports that BT may use as possible, block specific seed publishing sites, and block BT attempts across the enterprise as a whole.
Editor's note:
BT downloading is doing more and more harm to business offices, and on public and telecommunication networks it is also eating up operational network bandwidth. Once the first "seed" (download source) appears, a large number of BT users follow and form a large-scale BT download network. Unlike point-to-point transfer, this "group survival" network reflects the freedom of the Internet but also its disorder. And when this disorder is
FTP, HTTP and other download methods are different. The more people use BT, the faster the speed. Traditional FTP, HTTP, and PUB transfer files from the server to the client, which causes problems: more users require more bandwidth and higher server performance, and server stability suffers. Many servers therefore restrict the number of users and the download speed, which is inconvenient for users. BT fundamentally solves this problem. BT shares data in a way similar to a pyramid scheme: while downloading, each user also uploads to other users, so download speed does not drop as the number of users grows. It is very convenient to use, and its defining characteristic is simple: the more people download, the faster the speed.
Popular BT software includes BitTorrent, PTC, Shareaza, BitTorrent++ and so on.
● BitTorrent is open-source multi-point P2P download software. It is easy to use, works like a browser plug-in, and is well suited to downloading popular new releases.
● PTC (Personal Torrents Collector) is one of the best BitTorrent download clients. PTC's multi-threading capability lets users download and upload resources in batches faster.
● Shareaza combines the features of popular P2P software such as eDonkey, Gnutella and BT, and can also be used for HTTP and FTP downloads. It has an excellent interface, simple operation and strong curability.
● BitTorrent++ is a significant functional improvement over BitTorrent and is more user-friendly. It makes up for BitTorrent being too simple and lacking fine-tuning, especially in its sharing functions. If you close BitTorrent++ midway, just open the program again and it continues the original download, without the trouble of BitTorrent's resume.
BT download software has won over the majority of users with its unique advantages, but trouble has followed: if multiple users download with BT at the same time, they take up a lot of network bandwidth and seriously affect other users' normal work. In some enterprise LANs, school campus networks, and operators' metropolitan area networks, BT abuses network resources and affects other normal services. In some environments it is therefore absolutely necessary to strictly limit users' BT download traffic or to prohibit BT downloads completely. In general, the following seven straightforward methods are available.
Restrict browsing of BT websites
There are many BT websites, but consider the characteristics of BT downloading: the more people download, the faster the speed; the more seeds, the faster the speed. Only the more popular BT sites have Torrent files that many people download. An average BT site has fewer visitors, and few people will download from it unless they can tolerate a few K per second. Therefore, configure URL filtering rules for the more popular BT websites on the security gateway, then enable the Http_Filter filtering function on the outbound interface so that access to them is prohibited.
Forbid access to the Tracker server
The Tracker is a program running on a server that tracks how many people are downloading the same file at the same time. When a client connects to the Tracker server, it gets a list of downloaders, and BT automatically connects to those machines to download. Access to the Tracker server is generally performed over HTTP.
If the enterprise network gateway has graphical log management, you can review all of its HTTP records. If BT downloading is taking place, the Tracker server information can be found in the content of the corresponding HTTP log messages, and the device can then be configured to prevent internal users from accessing that server.
The number of Tracker servers should be far smaller than the number of popular BT sites, because many Torrent sites repost from other sites. If you can find the addresses of these Tracker servers, this is a very effective method. With the Tianqing Hanma Multi-Function Security Gateway, the Tracker server can easily be found by querying the log.
Close the BT download ports
To resolve BT's harm to the LAN, the most thorough way is not to allow BT downloading at all. BT generally uses TCP ports 6881~6889, and the network administrator can use changes in network traffic to determine the specific seed publishing sites and ports to block at the gateway. This information can be obtained from the Tracker information in the BT download software. However, most BT software can now change the port number, so the network administrator should, based on the actual situation, expand the closed port range as far as possible without affecting normal business, and close specific seed publishing sites and ports.
Limit user bandwidth
BT harms the LAN because it takes up a lot of network bandwidth. Limiting the network bandwidth available to each user can therefore significantly reduce the harm BT does to the network. For some operational networks it is also unreasonable to prohibit BT completely, and limiting the bandwidth used by each BT user becomes the better choice. Network administrators can use management software or network hardware configuration to apply finer-grained rate limiting to application flows. For example, the priority of BT users can be limited to 5 (0 highest, 7 lowest) and their bandwidth limited to 64Kbps. This ensures that BT software can be used without affecting other services.
Limit the maximum number of connections
When BT software is in use, downloaders periodically register with the Tracker so that it knows their progress, while the data itself is uploaded and downloaded over direct connections between downloaders. These connections use the BitTorrent peer-to-peer protocol, which is based on TCP. The network administrator can therefore limit the maximum number of TCP connections in order to control how much network bandwidth BT occupies.
Use the HTTP proxy to filter the application layer protocol
When the BT client downloads, it must query the Tracker. The Tracker receives the information through the parameters of the HTTP GET command and responds to the other party (the downloader) with a Bencoded message. The HTTP request packet carries the BT feature value User-Agent: BitTorrent.
For this situation, the network administrator can use security management devices, traffic management devices, or even network management system software to inspect specific application layer packets (such as HTTP packets), and then filter the BT packets out of the HTTP traffic according to the keyword (BitTorrent) they carry (as shown in Figure 1).
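The two HTTP-based methods above (finding Tracker servers in the gateway log, and filtering on the BitTorrent User-Agent) can be sketched as one log check. This is an added example, not code from the original article or from any gateway product; the log record layout, host names and addresses are constructed, and matching on the announce parameters `info_hash`, `peer_id` and `port` goes slightly beyond the User-Agent keyword the article names, so that clients with a changed User-Agent are still caught.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed gateway HTTP log records: (client IP, Host header, request target, User-Agent).
SAMPLE_LOG = [
    ("10.0.0.21", "tracker.example.net:6969",
     "/announce?info_hash=%12%34%56&peer_id=-XX0001-abcdefghijkl&port=6881"
     "&uploaded=0&downloaded=0&left=1048576&event=started", "BitTorrent/4.0.1"),
    ("10.0.0.22", "tracker.example.net:6969",
     "/announce?info_hash=%ab%cd%ef&peer_id=-XX0001-mnopqrstuvwx&port=51413"
     "&uploaded=0&downloaded=0&left=0", "Mozilla/4.0"),
    ("10.0.0.23", "www.example.com", "/index.html", "Mozilla/4.0"),
    ("10.0.0.21", "bt.example.org", "/list.php?page=2", "BitTorrent/4.0.1"),
    ("10.0.0.24", "www.example.com", "/search?q=info_hash&port=8080", "Mozilla/4.0"),
]

# Parameters a tracker query carries in its HTTP GET.
ANNOUNCE_KEYS = {"info_hash", "peer_id", "port"}


def classify(target, user_agent):
    """Return why a request looks like BT tracker traffic, or None if it does not."""
    query = parse_qs(urlsplit(target).query)
    if ANNOUNCE_KEYS.issubset(query):
        return "announce-params"      # tracker query, whatever the User-Agent says
    if "bittorrent" in user_agent.lower():
        return "user-agent"           # the keyword filter described in the article
    return None


def find_trackers(records):
    """Map each Tracker host seen in the log to the internal clients that queried it."""
    trackers = {}
    for client, host, target, agent in records:
        if classify(target, agent) == "announce-params":
            trackers.setdefault(host.lower(), set()).add(client)
    return {host: sorted(clients) for host, clients in trackers.items()}


def requests_to_block(records):
    """Return (client, host) pairs for every request either rule would filter."""
    return [(c, h) for c, h, t, a in records if classify(t, a)]


if __name__ == "__main__":
    print(find_trackers(SAMPLE_LOG))
    print(requests_to_block(SAMPLE_LOG))
```

The hosts returned by `find_trackers` are the candidates for the gateway's deny list; the second record shows a query that the User-Agent keyword alone would miss.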
Block the BT stream
Some BT software does not use HTTP to get the Peers list but uses TCP/UDP instead; even so, the BT stream still contains the "BitTorrent" signature. If the network device can identify the "BitTorrent" signature contained in the BT stream, it becomes much easier to block BT or limit its bandwidth (as shown in Figure 2).
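The signature match described above, as an added example that is not from the original article or any vendor's device. It anchors on the peer handshake layout (length byte 19, the string "BitTorrent protocol", 8 reserved bytes, 20-byte info_hash, 20-byte peer_id) rather than searching for the word anywhere in a packet, and it goes beyond the article by also recognising the UDP tracker connect request, which carries a fixed protocol ID instead of the string. All payloads are constructed.

```python
import struct

PSTR = b"BitTorrent protocol"        # protocol string at the start of a peer handshake
UDP_TRACKER_MAGIC = 0x41727101980    # protocol_id of a UDP tracker connect request


def classify_payload(proto, payload):
    """Label the first payload of a flow as BT traffic, or return None."""
    if proto == "tcp":
        # Anchored match: length byte 19 followed immediately by the protocol string.
        if len(payload) >= 20 and payload[0] == len(PSTR) and payload[1:20] == PSTR:
            return "bt-peer-handshake"
    elif proto == "udp" and len(payload) >= 16:
        # Connect request: 64-bit protocol_id, 32-bit action (0 = connect), 32-bit transaction_id.
        magic, action, _txid = struct.unpack(">QII", payload[:16])
        if magic == UDP_TRACKER_MAGIC and action == 0:
            return "bt-udp-tracker-connect"
    return None


def handshake_info_hash(payload):
    """Return the hex info_hash from a complete 68-byte handshake, else None (for logging)."""
    if len(payload) < 68 or classify_payload("tcp", payload) is None:
        return None
    return payload[28:48].hex()      # bytes 20-27 are reserved, 28-47 the info_hash


# Constructed sample payloads.
HANDSHAKE = bytes([19]) + PSTR + bytes(8) + bytes(range(20)) + b"-XX0001-abcdefghijkl"
WEB_PAGE = b"HTTP/1.1 200 OK\r\n\r\n<p>BitTorrent protocol overview</p>"
UDP_CONNECT = struct.pack(">QII", UDP_TRACKER_MAGIC, 0, 0x1234ABCD)
UDP_OTHER = bytes(16)

if __name__ == "__main__":
    for proto, data in [("tcp", HANDSHAKE), ("tcp", WEB_PAGE),
                        ("udp", UDP_CONNECT), ("udp", UDP_OTHER)]:
        print(proto, classify_payload(proto, data))
```

The web page payload contains the keyword but is not classified as BT, which is the false positive a plain substring filter would produce.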