Cisco Support Community
Block P2P and Bittorrent

Hi, as there is a lot of software which works on P2P, is it possible to block all P2P traffic, whichever software the traffic comes from? Second, would block BitTorrent traffic as well. Please suggest.

14 REPLIES

Re: Block P2P and Bittorrent

do the following

    ! NBAR class maps, one per P2P protocol family
    class-map match-any sdm_p2p_kazaa
     match protocol fasttrack
     match protocol kazaa2
    class-map match-any sdm_p2p_edonkey
     match protocol edonkey
    class-map match-any sdm_p2p_gnutella
     match protocol gnutella
    class-map match-any sdm_p2p_bittorrent
     match protocol bittorrent
    !
    ! Policy map that drops every matched class
    policy-map blocking_P2P
     class sdm_p2p_gnutella
      drop
     class sdm_p2p_bittorrent
      drop
     class sdm_p2p_edonkey
      drop
     class sdm_p2p_kazaa
      drop

Then apply it in two directions on the outside interface, let's say:

    interface fa0/1
     service-policy input blocking_P2P
     service-policy output blocking_P2P

and it should work perfectly.

But see the following previous post first:

http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Security&topic=Firewalling&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40%40.2cc188a9/0#selected_message

good luck

please, if helpful rate

Re: Block P2P and Bittorrent

Using what, ASA/PIX or IOS?

Regards

Farrukh

Re: Block P2P and Bittorrent

ASA 5505

Re: Block P2P and Bittorrent

Then just follow the following link; it will guide you step by step:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c38a6.shtml

good luck

please if helpful Rate

Re: Block P2P and Bittorrent

Will it block all P2P traffic if the user uses any software like Kazaa, LimeWire, etc.? And what about BitTorrent?

Re: Block P2P and Bittorrent

Most of the time this kind of P2P is hard to block because it works under HTTP (tunneled under HTTP), so the link above inspects the HTTP misuse and blocks this kind of traffic.

Also, with class-map type inspect ?

Put a question mark and check what other options you can get.

The same with policy-map type ?

and so on.

with the above link should be fine

please, if helpful rate

Re: Block P2P and Bittorrent

Well, it means we don't have any other option to block every software which supports P2P traffic.

I have gone through the commands in the above link and they are working fine, but I am still able to download software, movies, etc. by using BitTorrent.

Is there any other method you would recommend so that the P2P and BitTorrent traffic is blocked? Please suggest.

Re: Block P2P and Bittorrent

Try the simple way: go to that software's settings, see what ports (TCP, UDP, whatever) it uses, and then deny them with simple ACLs.

Re: Block P2P and Bittorrent

Blocking BitTorrent is a little difficult compared to the other P2P software.

Have a look at these links though:

http://wiki.wireshark.org/BitTorrent

http://userpages.umbc.edu/~hamilton/btclientconfig.html

Regards

Farrukh

Re: Block P2P and Bittorrent

Hi Farrukh,

What do you suggest in the case of BitTorrent?

Because with the IOS firewall there is a match for it included with NBAR.

However, in the ASA it is not included with MPF, except the one for port misuse!

Re: Block P2P and Bittorrent

Marwan, please check the two links I posted in my earlier post (via Edit). The reason why it's difficult is the random ports and, secondly, that some clients use encryption and even HTTPS for the tracker, as mentioned here:

http://seclists.org/pen-test/2007/Aug/0197.html

Regards

Farrukh
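
The point made in the reply above, shown as an added example that is not part of the original thread: a port ACL and a plaintext signature check run over four constructed flows. The 6881-6889 default range, the sample payloads, the tracker host name and all function names are assumptions for illustration.

```python
# Added illustration; payloads below are constructed, not captured traffic.
BT_HANDSHAKE = b"\x13BitTorrent protocol"  # length byte 19 + protocol string
DEFAULT_BT_PORTS = range(6881, 6890)       # assumed classic default range 6881-6889


def port_acl_blocks(dst_port):
    """Model of a static ACL that denies only the well-known port range."""
    return dst_port in DEFAULT_BT_PORTS


def looks_like_peer_handshake(payload):
    """Plaintext peer handshake: 20-byte header, 8 reserved, info_hash, peer_id."""
    return len(payload) >= 68 and payload.startswith(BT_HANDSHAKE)


def looks_like_tracker_announce(payload):
    """Plain-HTTP tracker announce; an HTTPS tracker never exposes this line."""
    request_line = payload.split(b"\r\n", 1)[0]
    return request_line.startswith(b"GET ") and b"info_hash=" in request_line


def classify(dst_port, payload):
    """Return which of the two controls would catch this flow."""
    signature = looks_like_peer_handshake(payload) or looks_like_tracker_announce(payload)
    return {"port_acl": port_acl_blocks(dst_port), "signature": signature}


def sample_flows():
    """Constructed first-payload samples for four kinds of flow."""
    handshake = BT_HANDSHAKE + bytes(8) + b"H" * 20 + b"-XX0000-" + b"0" * 12
    announce = (b"GET /announce?info_hash=%AA%BB&port=51413 HTTP/1.1\r\n"
                b"Host: tracker.example\r\n\r\n")
    opaque = bytes((i * 37 + 11) % 256 for i in range(68))  # stands in for an encrypted stream
    return {
        "default port, plaintext": (6881, handshake),
        "random port, plaintext": (51413, handshake),
        "http tracker announce": (80, announce),
        "random port, encrypted": (51413, opaque),
    }


def run():
    return {name: classify(port, data) for name, (port, data) in sample_flows().items()}


if __name__ == "__main__":
    for name, verdict in run().items():
        print(f"{name:26} {verdict}")
```

Only the first flow is stopped by the port ACL, and the encrypted flow matches neither check, which is why the thread treats BitTorrent as harder to block than the other P2P clients.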

Re: Block P2P and Bittorrent

I know the idea...

and I know why it is hard to match...

But I just asked you for your opinion on which way you think is better to block it!

anyway thank you

Re: Block P2P and Bittorrent

Sorry, I did not understand your initial post clearly. I would first start by blocking the ports and checking the famous clients (Azureus, uTorrent, BitTorrent) to see if they continue to work. Only then would I resort to fancy things like HTTP inspection, as they have a huge performance impact on firewalls (ASA, Netscreen, etc.).

Regards

Farrukh

Re: Block P2P and Bittorrent

cool

and Thank You
