[Dshield] Are P2P applications worth the risk?

Mike Blomgren mike.blomgren at secode.com
Wed Oct 8 07:40:40 GMT 2003


Related to this discussion - does anyone have any good way of detecting
unauthorized P2P traffic in a corporate network?

I'm thinking in the lines of an IDS with a ruleset solely to detect P2P
traffic. Have used snort and Ciscos products, but find it difficult to
tweak the ruleset properly to accurately detect P2P traffic. Either the
rules are too generic with too many false positives, or too strict and
don't give an accurate view. 

Any ideas and thoughts are welcome. Apologies if this is OT.

~Mike


> -----Original Message-----
> From: list-bounces at dshield.org 
> [mailto:list-bounces at dshield.org] On Behalf Of Johannes Ullrich
> Sent: den 7 oktober 2003 19:39
> To: General DShield Discussion List
> Subject: Re: [Dshield] Are P2P applications worth the risk?
> 
> 
> 
> > Are P2P applications worth the risk?
> 
> no ;-)
> 




More information about the list mailing list