0

Hey everyone,

We (the place I work at) are getting a dedicated P2P T1 line to our main office. I'm not sure if this is going to be used for WAN traffic only, or also for internet.

If it is going to be used for internet, I want to block all P2P and bittorrent applications. I don't want anyone thinking, "Yay, T1... BitTorrent here I come!" and hogging up all the bandwidth.

My plan as of now is to use ACLs to block every port I can find that pertains to bittorrent or any other p2p client. Does anyone have a better suggestion?


Also, on a side note: how does streaming (i.e., if someone were to stream music or videos all day) affect internet speeds?

4
Contributors
5
Replies
6
Views
10 Years
Discussion Span
Last Post by billythehamster
0

Are u using anykind of Hardware/Software firewall at the edge of your network???

If yes you have hardware firewall then it won't be difficult as firewall manufactures are providing IPS signatures to block your desired traffic.

If not then you can use software firewall on your NAT/Edge PC to block certain type of traffic.

0

You can run bit torrent on any port that you like. I even think that like MSN messenger it will default to port 80 to download stuff if it can't access the internet on any port. This means that it is not an application that can be stopped by denying certain ports you need something that is more intelligent.

If you are going to use a Firebox (Watchguard Firewall) I know they do a UTM version which should be able to block BitTorrent stuff. Check their documentation.

If not then you will need to invest in some kind of web proxy solution that can identify BitTorrent packets and not just block on a port by port basis.

0

We are using. . cisco pix 515e can any one tell me which ports i have to set to deny...

thanksin advance

0

We are using. . cisco pix 515e can any one tell me which ports i have to set to deny...

thanksin advance

You can't block it just using a PIX 515 Bit Torrent works on any port including port 80 (www traffic). The only way to stop it is with a proxy server.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.