https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069419#M914665 <P>Hi, As there are lot of softwares which works on P2P so is it possible to block all p2p traffic whether the traffic comes by using any software. Second, would block Bittorrent Traffic as well. Please suggest.</P> Mon, 11 Mar 2019 13:30:16 GMT ray_stone 2019-03-11T13:30:16Z https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069419#M914665 <P>Hi, As there are lot of softwares which works on P2P so is it possible to block all p2p traffic whether the traffic comes by using any software. Second, would block Bittorrent Traffic as well. Please suggest.</P> Mon, 11 Mar 2019 13:30:16 GMT https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069419#M914665 ray_stone 2019-03-11T13:30:16Z https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069420#M914667 <HTML><HEAD></HEAD><BODY><P>do the following </P><P></P><P>class-map match-any sdm_p2p_kazaa </P><P>match protocol fasttrack </P><P>match protocol kazaa2 </P><P>class-map match-any sdm_p2p_edonkey </P><P>match protocol edonkey </P><P>class-map match-any sdm_p2p_gnutella </P><P>match protocol gnutella </P><P>class-map match-any sdm_p2p_bittorrent </P><P>match protocol bittorrent </P><P></P><P>policy-map blocking_P2P </P><P>class sdm_p2p_gnutella </P><P>drop </P><P>class sdm_p2p_bittorrent </P><P>drop </P><P>class sdm_p2p_edonkey </P><P>drop </P><P>class sdm_p2p_kazaa </P><P>drop </P><P></P><P>the apply it in two directions on the outside interface </P><P></P><P>lets say </P><P>interface fa0/1 </P><P>service-policy input blocking_P2P </P><P>service-policy output blocking_P2P </P><P></P><P>and should work perfect </P><P></P><P></P><P>but see the following prevous post first</P><P></P><P></P><P><A class="jive-link-custom" href="http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&amp;forum=Security&amp;topic=Firewalling&amp;CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40%40.2cc188a9/0#selected_message" target="_blank">http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&amp;forum=Security&amp;topic=Firewalling&amp;CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40%40.2cc188a9/0#selected_message</A></P><P></P><P>good luck </P><P></P><P>please, if helpful rate </P><P></P></BODY></HTML> Wed, 13 Aug 2008 01:54:00 GMT https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069420#M914667 Marwan ALshawi 2008-08-13T01:54:00Z https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069421#M914668 <HTML><HEAD></HEAD><BODY><P>Using what, ASA/PIX or IOS?</P><P></P><P>Regards</P><P></P><P>Farrukh</P></BODY></HTML> Wed, 13 Aug 2008 02:02:32 GMT https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069421#M914668 Farrukh Haroon 2008-08-13T02:02:32Z https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069422#M914672 <HTML><HEAD></HEAD><BODY><P>ASA 5505</P></BODY></HTML> Wed, 13 Aug 2008 02:44:19 GMT https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069422#M914672 ray_stone 2008-08-13T02:44:19Z https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069423#M914677 <HTML><HEAD></HEAD><BODY><P>then just follow the following link will guid u step by step</P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c38a6.shtml" target="_blank">http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c38a6.shtml</A></P><P></P><P>good luck</P><P></P><P>please if helpful Rate</P></BODY></HTML> Wed, 13 Aug 2008 02:48:18 GMT https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069423#M914677 Marwan ALshawi 2008-08-13T02:48:18Z https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069424#M914686 <HTML><HEAD></HEAD><BODY><P>Will it block all P2p trafic if user use any software like kazaa, lime wire and etc. And what about bittorrent.</P></BODY></HTML> Wed, 13 Aug 2008 02:51:24 GMT https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069424#M914686 ray_stone 2008-08-13T02:51:24Z https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069425#M914688 <HTML><HEAD></HEAD><BODY><P>most the times these kind of p2p hard to block because it work under http (tunneled under http) so the link above inspect the http misuse and block these kind of traffic</P><P>also with class-map tyrp inspect ?</P><P></P><P>put question marck and check what othe rotions u can get </P><P>the same with policy-map tey ?</P><P>and so on</P><P></P><P>with the above link should be fine</P><P></P><P>please, if helpful rate</P></BODY></HTML> Wed, 13 Aug 2008 03:02:29 GMT https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069425#M914688 Marwan ALshawi 2008-08-13T03:02:29Z https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069426#M914693 <HTML><HEAD></HEAD><BODY><P>Well, it means we dont have any other option to block every software which supports P2P traffic. </P><P></P><P>I have gone through the above link commands and its working fine but still I am able to download the softwares, movies etc by using bittorrent. </P><P></P><P>Is there any other method would you recommand so that the P2p and bittorrent traffic to be blocked. Please suggest.</P><P></P></BODY></HTML> Wed, 13 Aug 2008 03:33:03 GMT https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069426#M914693 ray_stone 2008-08-13T03:33:03Z https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069427#M914698 <HTML><HEAD></HEAD><BODY><P>try the simple way</P><P>go to that software setings</P><P>ses what ports [ tcp udp whatever] it use</P><P>and then deny it by simple ACLs</P><P></P><P></P></BODY></HTML> Wed, 13 Aug 2008 03:45:13 GMT https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069427#M914698 Marwan ALshawi 2008-08-13T03:45:13Z https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069428#M914704 <HTML><HEAD></HEAD><BODY><P>Blocking bittorrent is a little difficult as compared to the other P2P softwares.</P><P></P><P>Have a look at these links tough:</P><P></P><P><A class="jive-link-custom" href="http://wiki.wireshark.org/BitTorrent" target="_blank">http://wiki.wireshark.org/BitTorrent</A></P><P></P><P><A class="jive-link-custom" href="http://userpages.umbc.edu/~hamilton/btclientconfig.html" target="_blank">http://userpages.umbc.edu/~hamilton/btclientconfig.html</A></P><P></P><P>Regards</P><P></P><P>Farrukh</P></BODY></HTML> Wed, 13 Aug 2008 04:17:53 GMT https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069428#M914704 Farrukh Haroon 2008-08-13T04:17:53Z https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069429#M914708 <HTML><HEAD></HEAD><BODY><P>hi Farrukh</P><P></P><P>what u suggest in case of bittorrent ?</P><P></P><P>because with IOS firewall the is a matching for it inculded with NBAR</P><P></P><P>however in ASA not inculded with MPF except the one for port mis-use!!!</P><P></P><P></P></BODY></HTML> Wed, 13 Aug 2008 04:22:24 GMT https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069429#M914708 Marwan ALshawi 2008-08-13T04:22:24Z https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069430#M914713 <HTML><HEAD></HEAD><BODY><P>Marwan please check the two links I posted in my earlier post (via Edit). The reason why its difficult is because of the random ports and secondly because some clients use encryption and even HTTPS for tracker as mentioned here:</P><P></P><P><A class="jive-link-custom" href="http://seclists.org/pen-test/2007/Aug/0197.html" target="_blank">http://seclists.org/pen-test/2007/Aug/0197.html</A></P><P></P><P>Regards</P><P></P><P>Farrukh</P></BODY></HTML> Wed, 13 Aug 2008 04:37:43 GMT https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069430#M914713 Farrukh Haroon 2008-08-13T04:37:43Z https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069431#M914714 <HTML><HEAD></HEAD><BODY><P>i know the idea...</P><P>and i know why hard to match it...</P><P>but, i just asked u about ur opinion which way u think better to block it !</P><P></P><P>anyway thank you </P></BODY></HTML> Wed, 13 Aug 2008 04:47:00 GMT https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069431#M914714 Marwan ALshawi 2008-08-13T04:47:00Z https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069432#M914715 <HTML><HEAD></HEAD><BODY><P>Sorry I did not understand your initial post clearly. I would first start to block the ports and check the famous clients (Azerus,Utorrent,BitTorrent) to see if they continue to work. Then only I would resort to fancy things like HTTP inspection as they have huge performane impact on firewalls (ASA,Netscreen etc.)</P><P></P><P>Ragards</P><P></P><P>Farrukh</P></BODY></HTML> Wed, 13 Aug 2008 04:53:24 GMT https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069432#M914715 Farrukh Haroon 2008-08-13T04:53:24Z https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069433#M914716 <HTML><HEAD></HEAD><BODY><P>cool</P><P></P><P>and Thank You </P></BODY></HTML> Wed, 13 Aug 2008 08:13:01 GMT https://community.cisco.com/t5/network-security/block-p2p-and-bittorrent/m-p/1069433#M914716 Marwan ALshawi 2008-08-13T08:13:01Z