https://community.cisco.com/t5/network-security/asa-bit-torrent-blocking/m-p/1845821#M460291 <HTML><HEAD></HEAD><BODY><P>bitorrent and many others P2P programs are quite smart about not getting blocked using many mechanisms: </P><P>- random source and destination ports</P><P>- payload encryption </P><P>- tunneling/piggybacking on top of HTTP.</P><P>- UPNP usage. </P><P></P><P>It's almost impossible to completly block all P2P activity save for deep packet inspection and looking for patterns. </P><P>There are almost no reasoanly effective STATIC mechanisms to block p2p (IPS devices will have some luck with signatures, but may not be able to match patterns if encryption is used).</P><P></P><P>The most successful block I saw was default deny policy for LAN users + proxying of HTTP/HTTPS <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P><P></P><P>TL;DR Bittorrent is using lots of different tricks to avoid detection. You may be able to block some activity with static methods, but it's trickier to do it completly. </P></BODY></HTML> Wed, 01 Feb 2012 11:49:55 GMT Marcin Latosiewicz 2012-02-01T11:49:55Z https://community.cisco.com/t5/network-security/asa-bit-torrent-blocking/m-p/1845820#M460290 <P>Hi, does anyone why it is nigh impossible to block bit torrent with the ASA firewall. We have a ASA 5520 running 8.4 IOS.</P><P>But (correct me if im wrong) the router based IOS firewall allows this functionality?? Whether CBAC, class maps etc.</P> Mon, 11 Mar 2019 22:22:20 GMT https://community.cisco.com/t5/network-security/asa-bit-torrent-blocking/m-p/1845820#M460290 _cdale 2019-03-11T22:22:20Z https://community.cisco.com/t5/network-security/asa-bit-torrent-blocking/m-p/1845821#M460291 <HTML><HEAD></HEAD><BODY><P>bitorrent and many others P2P programs are quite smart about not getting blocked using many mechanisms: </P><P>- random source and destination ports</P><P>- payload encryption </P><P>- tunneling/piggybacking on top of HTTP.</P><P>- UPNP usage. </P><P></P><P>It's almost impossible to completly block all P2P activity save for deep packet inspection and looking for patterns. </P><P>There are almost no reasoanly effective STATIC mechanisms to block p2p (IPS devices will have some luck with signatures, but may not be able to match patterns if encryption is used).</P><P></P><P>The most successful block I saw was default deny policy for LAN users + proxying of HTTP/HTTPS <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P><P></P><P>TL;DR Bittorrent is using lots of different tricks to avoid detection. You may be able to block some activity with static methods, but it's trickier to do it completly. </P></BODY></HTML> Wed, 01 Feb 2012 11:49:55 GMT https://community.cisco.com/t5/network-security/asa-bit-torrent-blocking/m-p/1845821#M460291 Marcin Latosiewicz 2012-02-01T11:49:55Z https://community.cisco.com/t5/network-security/asa-bit-torrent-blocking/m-p/1845822#M460292 <HTML><HEAD></HEAD><BODY><P> I think I was able to effectively block using Service Policy</P></BODY></HTML> Thu, 02 Feb 2012 12:14:29 GMT https://community.cisco.com/t5/network-security/asa-bit-torrent-blocking/m-p/1845822#M460292 jyothydas 2012-02-02T12:14:29Z