cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2126
Views
0
Helpful
2
Replies

AIP-SSM-20 and P2P (bittorent) traffic

sjones@techsgi.com
Contributor
Contributor

Hello everyone--i'm trying to figure out a way to block bittorent/P2P traffic for an education client, and short of Ironport, i think the IPS/IDS module for the ASA might work but i'm wondering if anyone has had any success in doing this?    Is it an effective fix or is a webfiltering appliance the best route to go.  Bear in mind that aside from the LAN traffic and internal wireless, they also have public wi-fi through out the campus that will need to be addressed for this as well.  Does anyone have any suggestions?  Thanks

Scott J.

2 Replies 2

fadlouni
Beginner
Beginner

Hi.

With the IPS module you can reduce bittorrent activity by enabling blocking/dropping with bittorrent signature IDs:

1-11020 (and all subsignatures which fire on different types of bittorrent traffic).

2- 11030

3- 11031.

other p2p traffic signatures can be found here:

http://tools.cisco.com/security/center/viewAlert.x?alertId=86

Regards,

Fadi.

Does this Answer your question? if yes, please mark it so.

Blocking p2p traffic can only be done with the aip-ssm module?

what about plain firewall rules and inspections? which is more preferable and productive?

are there specific portst that p2p traffic uses that i can block as incoming traffic on the firweall coming from the outside?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers