damn the users......
even though try all the way to block BT, Xunlei, those troublesome makers
one flashget program can kill all my efforts....
I think it's hard to block Flashget right?

Umm... if they are trying this hard to get around your blocks I assume that you have addresses and matched them to users?

The places I have Untangle have usage policies on the network and if I show up at someones desk and tell them to knock it off... it's filed. They get one warning, the next time around they have to pay for my time to fix them. And the third, they get the can. You can't resolve this one technologically man, but let me tell you when a head rolls because they were on a BT client.... People change their tunes really quick.

Umm... if they are trying this hard to get around your blocks I assume that you have addresses and matched them to users?

The places I have Untangle have usage policies on the network and if I show up at someones desk and tell them to knock it off... it's filed. They get one warning, the next time around they have to pay for my time to fix them. And the third, they get the can. You can't resolve this one technologically man, but let me tell you when a head rolls because they were on a BT client.... People change their tunes really quick.


So you mean only IT policies can solve this issues.
I only hope that the IT policy is the last defense, I have enough power to block all of the illegal software so they wont try any means to bypass the firewall settings in the future.

If so, maybe need to implement a AD to block software...

You can do it with Untangle if you want to load up each version of each of these programs, develop signatures you can use in Protocol Control, determine each server connection that is made to set up communications, and figure out each port. Then when you get done with this list, you will find out that they also use ports 53, 80 and 443 when all else fails. You then would need to block all communications to the outside world and make a list of specific ports and specific destinations in the outside world after each person complains. Long before that, you would probably have went to your manager and told them that they need to set up a zero-tolerance company policy on computer usage. The first person that gets fired would send a clear message to most others.

Yeah it's a matter of cost effective management. It is "possible" to lock down the network and kill all P2P... but the process of doing it is far more expensive than simply creating audit controls, read some logs, and act with correct information. Human behavioral problems are not best solved by technology. They are best solved by human interaction. The technology is only really there to make sure that other technology is behaving.

You're kidding, right?

You don't provide an acceptable usage policy from the start?!

WOW!

You can do it with Untangle if you want to load up each version of each of these programs, develop signatures you can use in Protocol Control, determine each server connection that is made to set up communications, and figure out each port. Then when you get done with this list, you will find out that they also use ports 53, 80 and 443 when all else fails. You then would need to block all communications to the outside world and make a list of specific ports and specific destinations in the outside world after each person complains. Long before that, you would probably have went to your manager and told them that they need to set up a zero-tolerance company policy on computer usage. The first person that gets fired would send a clear message to most others.



Actually I am interested in making signature but I still don't know how, is there any guidelines for me to make a signature for the programs?

Plus, I see the Virus Blocker have a function called "disable HTTP download resume", can it solve the Flashget / GetRight problem?