SBS 2003 network preventing P2P software

Discussion in 'Windows Small Business Server' started by Aart Jansen, Jan 7, 2009.

  1. Aart Jansen

    Aart Jansen Guest

    I have a client who has local admin rights on many laptops, as the users own
    their laptops.

    Is there a way to prevent P2P applications running while on the SBS network
    ?

    Thanks in advance,
    Aart
     
    Aart Jansen, Jan 7, 2009
    #1
    1. Advertisements

  2. Aart Jansen

    kj [SBS MVP] Guest

    You could add your own group policy specifiying firewall restrictions in the
    "network/network connections/windows firewall/domain profile".

    However, as a local admin and owner of the computer the user *could*
    circumvent that policy. Wouldn't necessarily be a complete lockout, but it
    would make it more challengeing and difficult for them to use their P2P's
    while connected to the domain. You'd want to setup and test thouroughly
    before you impose this policy upon someone else's property (laptop).

    Blocking at the network firewall would provide the best way to prevent the
    applications from interacting with external resoruces, but internal to
    internal connections would still function.
     
    kj [SBS MVP], Jan 7, 2009
    #2
    1. Advertisements

  3. Aart Jansen

    Les Connor Guest

    opendns might be an option here, you can use their dashboard to block stuff.
     
    Les Connor, Jan 7, 2009
    #3
  4. Aart Jansen

    kj [SBS MVP] Guest

    Undoubtedly it would help with some. Unfortunatly not all as it is possible
    to programatically use alternate DNS servers, fixed IPs (bypass name to
    number translation all together), and other port probbing like devious P2P
    methods. Also owners (Local Admins) can overirde the dns client settings of
    DHCP and specificy their own ( at least in XP and Vista too I think)

    Can't hurt though.
     
    kj [SBS MVP], Jan 8, 2009
    #4
  5. Have you thought about blocking upnp, manually allowing the ports needed
    for general business activity and distribute a policy for each staff
    member to sign regarding internet use ?

    It would seem to me that the more restrictive you become, the more
    resourceful people become. they always seem to find a way around the
    restrictions. I think there needs to be more policies and procedures out
    there. People need to know what dangers p2p bring and that there is a
    policy.

    Much the same as trying to block facebook etc ... Very hard to
    impliment.
    --
    Michael J. Jenkin, Senior Systems Engineer

    Director - Business Technology Partners Pty Ltd (Australia) - Microsoft
    Small Business Specialists
    Webmaster - http://www.mickyj.com, Community website with SBS answers,
    blog and AntiMalware Tools.

    Follow me on Twitter - http://twitter.com/mickyj
     
    Michael Jenkin (mickyj.com), Jan 9, 2009
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.