blocking torrentz in ips

secureIT · ‎10-30-2013

Hi All,

I have the below config in ASA for diverting traffic to IPS module.

But still im unable to block as well as not able to see torrentz traffic in IDM logs, by checking on IDM logs and "show event past 00:00:10".

access-list ips_acl_1 extended permit ip any any

ciscoasa# show run | begin class-map

class-map IPS

match access-list ips_acl_1

!

policy-map ips_policy_map1

class IPS

ips inline fail-open

!

service-policy ips_policy_map1 interface outside

In IPS, Sig0 > P2P > Torrentz > I have selected all the signaures.

In the Configuration->IPS Policy, select the VS and click edit, Here we have blocked only High Risk alerts, and Medium and Low it was just "packet logging"

Can anybody revert to me please..

regards

Rajesh

rhermes · ‎11-19-2013

Last time I tested Cisco's ability to block Bit Torrent traffic (about 2 years ago) it was unable to detect encrypted Bit Torrent traffic.

Are you getting any hits on your existing torrent sigs?

- Bob

pusa sandeep · ‎02-14-2014

How to block Connectify (Hot spot) on Lan's or Fotigate 1000c.

Nikos Nicolaides · ‎02-14-2014

Yes, you need Cisco SCE for that.

TIA,

Nicos Nicolaides

TIA, Nicos Nicolaides

torrentz · ‎07-31-2020

I had the same issue. But I found utorrentz2.in is working well!

Thank You!