Step 3: Application-level filters

Packet filtering by itself is not enough though. If you are serious about blocking peer-to-peer-related network traffic, you need a firewall that does application filtering. Application filtering is kind of like an extension to stateful packet inspection. Stateful packet inspection can determine what type of protocol is being sent over each port, but application-level filters look at what a protocol is being used for. For example, an application-level filter might be able to tell the difference between HTTP traffic used to access a Web page and HTTP traffic used for file sharing, whereas a firewall that is only performing packet filtering would treat all HTTP traffic the same.

If you are thinking of buying a firewall that does application filtering, then be sure to look for one that is specifically designed to block peer-to-peer applications. The firewall manufacturer should also offer periodic updates that allow the firewall to block new file-sharing applications and new versions of existing peer-to-peer applications.

Blocking peer-to-peer applications

 Home: Introduction
 Step 1: Blocking peer-to-peer applications
 Step 2: Firewalls
 Step 3: Application-level filters
 Step 4: Software restriction with Group Policy

ABOUT THE AUTHOR:

Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. He has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer, he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit his personal Web site at www.brienposey.com. Copyright 2005 TechTarget

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Intrusion Detection Systems Buffer overflows can be prevented by GS cookies PatchGuard defends against rootkits in Windows Vista How did a rootkit get on my Windows machine? Can an antivirus program stop phishing attacks? Wireless network security testing An introduction to Google Hack Honeypots Step 4: Software restriction with Group Policy Challenge 9: The Root of the Problem Malware removal handbook Penetration testing for Windows systems Intrusion Detection Systems Research Intrusion Prevention Systems Cross-site Scripting 102: How to defend against cross-site scripting Buffer overflows can be prevented by GS cookies Malware prevention and detection webcast series Preventing malware with tools, patches and education Can an antivirus program stop phishing attacks? Wireless network security testing The bot invasion in Windows Comparing rootkit detection tools Checklist: 11 things to do after a hack Social engineering tactics for Windows users Product Flaws and Vulnerabilities Exploit code targets unpatched PowerPoint flaw Debunking the "Blue Pill" Vulnerability Theory Anatomy of the Blue Pill attack New Microsoft Word zero-day exploit discovered MS06-040 review: 'Urgently critical' patch release An introduction to Google Hack Honeypots Blocking peer-to-peer applications Step 1: Blocking peer-to-peer applications Step 2: Firewalls Step 4: Software restriction with Group Policy

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary