01-18-2011 12:54 PM - edited 03-10-2019 05:14 AM
Hello everyone--i'm trying to figure out a way to block bittorent/P2P traffic for an education client, and short of Ironport, i think the IPS/IDS module for the ASA might work but i'm wondering if anyone has had any success in doing this? Is it an effective fix or is a webfiltering appliance the best route to go. Bear in mind that aside from the LAN traffic and internal wireless, they also have public wi-fi through out the campus that will need to be addressed for this as well. Does anyone have any suggestions? Thanks
Scott J.
01-20-2011 01:08 PM
Hi.
With the IPS module you can reduce bittorrent activity by enabling blocking/dropping with bittorrent signature IDs:
1-11020 (and all subsignatures which fire on different types of bittorrent traffic).
2- 11030
3- 11031.
other p2p traffic signatures can be found here:
http://tools.cisco.com/security/center/viewAlert.x?alertId=86
Regards,
Fadi.
Does this Answer your question? if yes, please mark it so.
08-26-2011 08:58 AM
Blocking p2p traffic can only be done with the aip-ssm module?
what about plain firewall rules and inspections? which is more preferable and productive?
are there specific portst that p2p traffic uses that i can block as incoming traffic on the firweall coming from the outside?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide