How to stop downloads from YTD YouTube Downloader software



  • How can I block my users to download the file from youtube, I had already configured to block all extentions, and its working when the extention file is clicked directly for download it gets blocked. But when any users wants to download any video from youtube, is able to download from YTD YouTube Downloader software which is been installed on their own machines. Is there any way to block drwnload from that software too.


  • Netgate Administrator

    I think anything you did to prevent this would block all youtube video not just YTD.
    Have you tried blocking .flv files? What files does YTD produce?

    Also this sub forum is really for completely off topic stuff, you'll probably get more answers in the 'pfSense English Support» General Questions' sub forum.

    Steve



  • @stephenw10:

    I think anything you did to prevent this would block all youtube video not just YTD.
    Have you tried blocking .flv files? What files does YTD produce?

    Also this sub forum is really for completely off topic stuff, you'll probably get more answers in the 'pfSense English Support» General Questions' sub forum.

    Steve

    Here is the list what I had blocked,
    (./..(asf|wm|wma|wmv|midi|vob|mkv|3gp|mp3|mp4|avi|mpg|exe|mpeg|mp.|mpv|mp3|flv|wm.|webm|vpu))
    But it blocks only if the files is been downloaded from any website. YTD YouTube Downloader & Converter, is an application which we can install on our machine and can download the link coppied from the youtube and paste in this application and start download, I had already blocked youtube for weekdays, but on weekends users are allowed to use youtube, but people take advantage of it and starts downloading movies. I want to allow youtube to be browsed, but user should not able to download, it should get blocked the same way i had blocked in my extention download list. Even extention download list is kept blocked for all times and never been opened


  • Netgate Administrator

    The problem you have is that youtube is not a streaming service. When a clip is played it is downloaded at whatever speed can be achieved by the internet connection. Thus youtube downloader can also download the clip. Youtube try to hide the file source but it's still there.

    To prevent YTD working you will have to block youtube.

    I could be wrong about this!

    Steve



  • Suggestions:

    • Search for 'squid block youtube by mime type', add this to your squid config, in addition to blocking by file extensions.
    • Do a tcpdump to see how youtube downloader is requesting/downloading the file and proceed based on that.


  • Correct me if I'm wrong, but doesn't the YTD just take the data/file that would otherwise be rendered in the browser and just save it to the hard drive?  Assuming so, the web stream would look the same to everything but the 7th layer, only the application would know the difference, I don't think even layer 6 would see the difference since it's the same format, just dealt with by the application differently (Other than an application declaration, unless it just reports itself as a standard browser anyway.)

    What I'm getting at is since the data is the same, I don't think you can systematically control what a user does with the data once they get it unless you can control the end devices and deny the installation or running of the application itself; but I'm pretty sure you can't do that in the transport layers.

    If YTD could be blocked in the transport or even server side, YouTube probably would be blocking it already.



  • @nearones:

    Here is the list what I had blocked,
    (./..(asf|wm|wma|wmv|midi|vob|mkv|3gp|mp3|mp4|avi|mpg|exe|mpeg|mp.|mpv|mp3|flv|wm.|webm|vpu))
    But it blocks only if the files is been downloaded from any website. YTD YouTube Downloader & Converter, is an application which we can install on our machine and can download the link coppied from the youtube and paste in this application and start download, I had already blocked youtube for weekdays, but on weekends users are allowed to use youtube, but people take advantage of it and starts downloading movies. I want to allow youtube to be browsed, but user should not able to download, it should get blocked the same way i had blocked in my extention download list. Even extention download list is kept blocked for all times and never been opened

    If I get what you are saying right…  You can't quite do what you want to.

    You either block youtube videos completely or you allow it.  YTD acts like a browser so you can't just block YTD but allow regular browsers to go through.

    The best you can do is to use more advanced ACL configurations on SQUID along with delay pools to throttle the bandwidth.


  • Netgate Administrator

    ^^
    What these guys said.

    That's what I was trying to say but you guys articulated it better.  ;)

    Steve



  • @thermo:

    Suggestions:

    • Search for 'squid block youtube by mime type', add this to your squid config, in addition to blocking by file extensions.
    • Do a tcpdump to see how youtube downloader is requesting/downloading the file and proceed based on that.

    Can some one guide me how to make rule for mime type in pfsense, i had gon through many docs, but all r on SQUID



  • @nearones:

    Can some one guide me how to make rule for mime type in pfsense, i had gon through many docs, but all r on SQUID

    You don't.  You use the MIME blocking for Squid installed as a package in pfSense.  However, this will block normal browsers from viewing youtube as well.  That's that.  No buts.

    Short of actually sniffing traffic and writing your own layer7 patterns to block YTD, you're out of luck.
    Even so, I believe that YTD, like most download software can spoof normal browser traffic so you would be out of luck there as well.

    What you have isn't a network policy problem.  It's a system policy problem.
    If you want to stop YTD, get on the systems and actually amend the GPs to prevent it from installing or running to begin with.  Alternatively, use a software firewall on the system that simply drops traffic originating from the YTD software.



  • @dreamslacker:

    @nearones:

    Can some one guide me how to make rule for mime type in pfsense, i had gon through many docs, but all r on SQUID

    You don't.  You use the MIME blocking for Squid installed as a package in pfSense.  However, this will block normal browsers from viewing youtube as well.  That's that.  No buts.

    Short of actually sniffing traffic and writing your own layer7 patterns to block YTD, you're out of luck.
    Even so, I believe that YTD, like most download software can spoof normal browser traffic so you would be out of luck there as well.

    What you have isn't a network policy problem.  It's a system policy problem.
    If you want to stop YTD, get on the systems and actually amend the GPs to prevent it from installing or running to begin with.  Alternatively, use a software firewall on the system that simply drops traffic originating from the YTD software.

    You use the MIME blocking for Squid installed as a package in pfSense.  However, this will block normal browsers from viewing youtube as well.

    What u said is also the good method to block some other websites like onlinegames, porn websites. But how can i do that in pfsense.


Locked