×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

NBAR question

Unanswered Question
Apr 8th, 2008
User Badges:

Let's say I do this on my network:


class-map bittorrent

match protocol bittorrent

!

policy-map Outside

class bittorrent

drop


If someone changed their default bittorrent port, for example to port 80, would this circumvent detection?


If I then use "ip nbar port-map bittorrent tcp 80" to change the port monitored for bittorrent, doesn't this negate the purpose of NBAR - ie. to look further into the packet than just the port number in order to recognise traffic?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion