Hello Fred,

"is there a one-liner I can write under Configuration/Firewall, to block Bit Torrent? It's against a company policy here to be using it anyway"

You may need to work with Modular Policy Frame work in your firewall, totally agree with you violating of company policy and most importantly users eating up your internet bandwidth by downloading non-work-related files by using peer to peer downloads.

Working with MPF for blocking PtP file transfers.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c38a6.shtml#conf

You may also reference this link to get an idea of most common internet services TCP ports information inlcuding Bittoren and other internet file shariing services.

http://www.chebucto.ns.ca/~rakerman/port-table.html

"I was looking at the firewall dashboard and it showed Bit Torrent taking up about 40% of the total traffic for the last hour. The ASA5510 dashboard seems to have detected that on it's own, I don't have anything specific written to trap BT."

As for this one you should be able to see in ASDM realtime syslog by looking at the TCP/UDP connecting teardown who may be using Bitoren, look at source and destination in the logs.

You may also if you have an inside router connected to ASA5500 firewall to do netflow or ip accounting which may show you top talkers for bandwith, or if router does not support netflow you could enable ip route-cache flow on router interface connecting to ASA firewall.

netflow

http://www.cisco.com/en/US/products/ps6601/products_ios_protocol_group_home.html

free netflow collectors

http://www.cisco.com/en/US/prod/iosswrel/ps6537/ps6555/ps6601/networking_solutions_products_genericcontent0900aecd805ff72b.html

Rgds

-Jorge

PLS Rate any helpfull posts