Caution - Internet, copyright infringement & rentals

[SGB]

Ok, went to look to see what my router allows me to do and it appears I can only "blacklist" services. The services that are listed that I can blacklist are:
DNS
Ping
HTTP
HTTPS
FTP
POP3
IMAP
SMTP
NNTP
Telnet
SNMP
TFTP
IKE

My router is a couple of years old, so it probably doesn't have the latest and greatest (and it's out of warranty, so no free customer service). Will blocking any of the above help and still allow normal internet use?

I can also block any website I'd like, but wouldn't it be next to impossible to block all the ones needed?

There are two ways to approach controlling what gets through; whitelisting and blacklisting. Whitelisting is implicitly allowing only certain protocols, and blacklisting is implicitly blocking certain protocols. For a home/rental network, whitelisting makes the most sense, and is the easiest to implement. My router, for example, is a DLink AirExpress, and in the Filter section of the Admin Tools, it lists the most common TCP/UDP ports and allows you to restrict/allow access.

There is a fairly comprehensive list of TCP/UDP ports and their use at:

List of TCP and UDP port numbers - Wikipedia, the free encyclopedia

So, for example, the DLink shows:

TCP 20/21 (used for FTP)
TCP 80 (used for http, which is your common browser protocol)
TCP 443 (https, secured browsing)
UDP 53 (DNS, domain name service)
TCP 25 (smtp, which is mail)
TCP 110 (pop3, mail)
TCP 23 (telnet)

These are the most commonly used ports; by allowing only these ports (whitelisting), your guests can browse, get email, etc.

My suggestion is that you contact the tech support for your router, and explain the situation to them. With any luck, they will know more than MediaCom does.

PS: Nothing is foolproof. If you have a real geek in the house, they can override the default ports for BitTorrent and do their download anyway. This will, however, stop MOST of the P2P traffic. It also demonstrates that you actively attempted to stop this activity (which is more than MediaCom does), in the event they do try to slap a big fine on you.

 

[30ashopper]

Blocking bit torrent is much harder than some other p2p sharing networks because it works on a large block of ports that are often used by other more legitimate apps. Mediacom could do it, but probably isn't willing because Comcast was recently fined for doing so. I think your approach of persuading guests not to do such things is the best bet. Let them know media com is monitoring the connection for illegal activity and that if caught doing so constitutes breach of contract. Maybe you could tie loss of deposit to it or something.

 

[scooterbug44]

Considering the severity of what can happen to you, I would just stop offering internet access to renters - and tell them why!

"We can no longer offer internet access because of previous guests' illegal downloads."

And provide a list of nearby locations that have it.

 

[Matt J]

OpenDNS | Providing A Safer And Faster Internet

Don't worry about the endless jargon regarding DNS and IP addresses. The service is free and can be used by rental owners or parents who want to filter out certain things. It's very effective as it isn't installed on the computer or hardware, but a remote service that allows you to block certain things. It's essentially a proxy service. It's hard for a user to identify and disable. Most kids and renters would have problems without the password to the router. Best to keep it locked up or monitored since a simple reset (not powered off and on) can bypass this, but it's obvious then that someone did so.

 

[SGB]

OpenDNS | Providing A Safer And Faster Internet

Don't worry about the endless jargon regarding DNS and IP addresses. The service is free and can be used by rental owners or parents who want to filter out certain things. It's very effective as it isn't installed on the computer or hardware, but a remote service that allows you to block certain things. It's essentially a proxy service. It's hard for a user to identify and disable. Most kids and renters would have problems without the password to the router. Best to keep it locked up or monitored since a simple reset (not powered off and on) can bypass this, but it's obvious then that someone did so.

Thanks! That sounds like it might be the answer!

 

[SGB]

Update - I have enabled the OpenDNS that was suggested. So far it seems to be working. We'll see what the renters have to say - I've blocked them from using P2P and porno. If someone complains, we'll know what they were trying to do!

Thanks for the help. If someone else runs into this problem, I'd love to hear about it.

 

[Matt J]

Update - I have enabled the OpenDNS that was suggested. So far it seems to be working. We'll see what the renters have to say - I've blocked them from using P2P and porno. If someone complains, we'll know what they were trying to do!

Thanks for the help. If someone else runs into this problem, I'd love to hear about it.

Is your router locked up? One hit of the reset button and they'll have full access again. ;-)

 

[SGB]

Is your router locked up? One hit of the reset button and they'll have full access again. ;-)

Yeah, I realize that, but haven't come up with a good solution that will work for me yet. Thanks for your help!