11-14-2006 03:17 AM - edited 03-03-2019 02:41 PM
Hi
I posted on this a while back - I was trying to use NBAR to limit Bittorrent but the policy wasn't seeing a lot of the torrent traffic and I was still able to get very high speed downloads.
Just noticed that if you run
#sh ip nbar port-map
the ports listed for bittorrent are:
port-map bittorrent tcp 6881 6882 6883 6884 6885 6886 6887 6888 6889
Now these are the ports from the original BitTorrent application, but no one who knows anything uses these anymore as so many ISPs block\shape them.
So is this the reason why my policy is not working?
Does the PDLM only check these ports?
Is it possible to specify a large range of ports, or would this cripple the router?
All suggestions gratefully received.
Liam.
11-14-2006 04:14 AM
You will have to put a sniffer on your network to see what ports your users are using for BitTorrent. You can then block using the ports they are using. However, if your users are smarter than they look, then you will have to block the traffic using their host. Or you need to apply your corporate security policies and demand that they remove the software and cease from using BitTorrent...
11-14-2006 10:18 AM
If you issue "show ip nbar protocol discovery", do you see a lot of hits? Have you tried limiting BitTorrent ports using access-lists?
If possible, can you post your config without sensitive data?