DeadDingo wrote:Ha, this is great, we are now being contacted by the Motion Picture Association of America and the Recording Industry Asociation of America.
Meh, just tell the copyright goon squad that it's not your company's duty to enforce their failed business model.
Kinda like how it's not Google's responsibility to mmitigate Oracle's failure or Samsung's job to ensure Apple makes a profit in the smartphone market, or...
If patent and copyright trolls were reasonable, none of this bullshit would be a problem. As it is, the OP's employer would probably be on the hook for one careless and selfish employee.
]]>block ports 1024-65535 these are the areas torrent apps use. try to find is ip(wirshark, and the like) and have a talk.
I agree, I'd go even further and bock outbound ports except the ones needed... just guessing TCP{21,22,80,443}. You should be blocking all unneeded outbound ports anyway.
Meh, just tell the copyright goon squad that it's not your company's duty to enforce their failed business model.
Unfortunately, this may not be the case depending on the country.
If you are required by law to prevent abuse of your network, this is a policy issue. You need to tell your boss that the law requires you implement measures to prevent this. Your organization can handel the problem one of three ways.
One, technically with you.
Two, legally in court with lawyers.
Three, financially by paying off the MPAA and RIAA.
The option that will save the organization the most money is option number one, technically with you.
It sounds like your boss may not allow you to do it with technical measures. If so, start forwarding the emails from the MPAA and RIAA to the accounting/billing department. That should light a fire under their butts
]]>DeadDingo wrote:Ha, this is great, we are now being contacted by the Motion Picture Association of America and the Recording Industry Asociation of America.
Meh, just tell the copyright goon squad that it's not your company's duty to enforce their failed business model.
It might be, depending on the law in the respective country.
]]>Ha, this is great, we are now being contacted by the Motion Picture Association of America and the Recording Industry Asociation of America.
Meh, just tell the copyright goon squad that it's not your company's duty to enforce their failed business model.
]]>@McDoenerKing
That is not a bad idea expecially now that we are receiving multiple messages about this daily.
@progandy
traceroute isn't a bad idea. Ill give that a try next time the guy pops up on the network. Also gonna spend some quality time with wireshark over the next little while.
We have about 10 different access points all broadcasting the same SSID. However, each access point is mounted outside on different buildings. So if I could figure out which SSID is associated to them I could narrow it down to what building it is coming from which would be a huge help. I'm not sure how to go about that, except by logging into each access point and checking the logs for that specific ip address. There must be a better way.
maybe a traceroute / tracepath to the ip lists your access points?
You could also wait for torrenting access and then shut down one AP after antother until the torrent traffic vanishes. (claim maintenance reasons, e.g. firmware update )
@DeadDingo
You might can use this case with your legal department to press changes in the network and security. I know that companies hate to be sued, because it means a lot of lost money. I do not know if your company is on isolated ground, but if it isn't it might even be a stranger, who found this honey pot for himself. If mac spoofing and such techniques are already in use, I would make a list of departments with tech savy people to have a smaller sample to look through first.
EDIT: Shutting down guest account should be the last resort, because whoever thinks it is fine to use his work's network to torrent deservers to be fired. It just shows bad personality which no one needs in a company.
]]>If the network is that big, why not just let him/her? Is doing the torrenting from a personal laptop, so probably is not doing constants massive traffic from a seedbox, but is just not turning off his/her torrent client (which probably auto-starts in background)
]]>I am going to spend a bit of time on WireShark the next few days to see if I can gather a bit more information on this issue.
]]>Is the wireless access for private use or are you using it for the workstations and computers too?
Every big company I have been too had static ip and wired access only. Personal laptops/smartphones weren't allowed for a reason.
We have about 10 different access points all broadcasting the same SSID. However, each access point is mounted outside on different buildings. So if I could figure out which SSID is associated to them I could narrow it down to what building it is coming from which would be a huge help. I'm not sure how to go about that, except by logging into each access point and checking the logs for that specific ip address. There must be a better way.
]]>