Blocking Peer-to-Peer downloads with Cloud DNS filtering

P2p downloads soak up bandwidth and expose WiFi providers to legal risk. To deal with this risk most providers make the sensible decision to install some sort of web filtering product, usually DNS based filtering because its quick and simple to install.

Most web filtering software on the market attempts to block p2p by blocking access to the web sites used to list p2p content. A rather obvious and straight forward one would think.

However, this is like playing whack-a-mole. Download sites expect to be blocked so they register tens and hundreds of different sites. As an example, the well known Piratebay at the last count had at least 214 different domains registered with simple variations on its name.

Block a domain, another two pop up. There has to be a better way.

Peer to Peer-to-Peer

Bittorrent clients work by connecting to a swarm of other torrent clients (peers) serving chunks of the file. To start a download users use a special link called a magnet link that contains information on how to find that swarm of peers. The link contains the names of trackers. Trackers are special nodes that serve as bullettin boards for a torrent client to find peers.

Trackers are a natural choke point as they serve as a central clearing house for peers. Blocking access to the trackers prevents torrent clients from finding peers. Without at least one other peer, a client does not have the information necessary to start a download.

Putting the boot into boot strapping.

With our latest update, we have automated bots that go out and specifically search for trackers and add them to our database. Any device that is on a network filtered with our CloudDNS service will be unable to connect to trackers. To benefit from this update, CloudDNS customers simply block the Peer-to-Peer category.

Below is a screen shot of a torrent client blocked using CloudDNS.

No copyrights were harmed in the making of this screenshot.

No copyrights were harmed in the making of this screenshot.

 

Arms Race

Of course, this is an arms race. Our latest update will put a stop to some, but not all, illegal downloading. CloudDNS helps save valuable bandwidth, bandwidth to access legitimate content, faster.

The race never ends and we are always exploring new ways to make sure WiFi remains a safe, secure way to access the net.

Related posts

Rawstream's new Threat Huntr™: now you can hunt cyber threats rather than wait for an attack

Be Proactive with Cyber Security Rawstream’s new Threat Huntr™ proactively searches for unknown, active threats in an environment It is the new gold standard for endpoint security. Malware or attackers can be lurking in your network quietly siphoning off data, or working their way across the...

Wildcard Support for Cloud DNS Filtering

From today, Rawstream Network Security adds the capability to allow or block domains based on wildcards. Wildcard support is being rolled out across all our DNS IPs right now and will be complete across the next few hours. The entries will match on the full domain queried, including...

New: MX Logging

New: MX Logging

We've recently updated Rawstream Network Security to collect and report DNS MX requests. This matters because it can help organisations detect potential security breaches. Mail Exchanges DNS is the internet's telephone directory. When you to browse to example.com, the browser looks up...