On 11/4/05, Christoph Egger <[EMAIL PROTECTED]> wrote: > The P2P traffic can be identified this way: > - The source IP from one client is always the same > - The client establishes lots of connections to many destination IP adresses
Use synproxy, max-src-states, and overload tables. Automagically locks out agressive clients such as viruses and P2P users (and people browsing Fark photoshop threads). For bonus points, script the addition of the MAC address to your switching ACLs. -- Jon Simola Systems Administrator ABC Communications
