01-18-2011 12:54 PM - edited 03-10-2019 05:14 AM
Hello everyone--i'm trying to figure out a way to block bittorent/P2P traffic for an education client, and short of Ironport, i think the IPS/IDS module for the ASA might work but i'm wondering if anyone has had any success in doing this? Is it an effective fix or is a webfiltering appliance the best route to go. Bear in mind that aside from the LAN traffic and internal wireless, they also have public wi-fi through out the campus that will need to be addressed for this as well. Does anyone have any suggestions? Thanks
Scott J.
01-20-2011 01:08 PM
Hi.
With the IPS module you can reduce bittorrent activity by enabling blocking/dropping with bittorrent signature IDs:
1-11020 (and all subsignatures which fire on different types of bittorrent traffic).
2- 11030
3- 11031.
other p2p traffic signatures can be found here:
http://tools.cisco.com/security/center/viewAlert.x?alertId=86
Regards,
Fadi.
Does this Answer your question? if yes, please mark it so.
08-26-2011 08:58 AM
Blocking p2p traffic can only be done with the aip-ssm module?
what about plain firewall rules and inspections? which is more preferable and productive?
are there specific portst that p2p traffic uses that i can block as incoming traffic on the firweall coming from the outside?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: