How effective is blocking BitTorrent on my network?
As per the network policy, we have to block all torrent traffic from the network. To do this, I used to block all ports above 1024 on my firewall/proxy devices. But due to this, many other applications that use non-standard ports are not able to function, especially mobile applications, and users are complaining because of this.
Is there an effective way of blocking BitTorrent on my network?
A minimum number of ports, or a few specific ports, or application-level filtering?
We have Cisco IronPort Security and Cisco ASA 5500 Firewall devices.
You have a number of ways to block BitTorrent on your network:
- Blocking ports: this doesn't work, because P2P traffic can use pretty much any port (even ones below 1024)
- Deep inspection: looking at traffic and blocking based on type can help you a lot; however, all encrypted traffic looks alike
- Destination filtering: this may also help a bit, but you'd have to maintain a large blacklist
- Volume: if a user is downloading/uploading large amounts of traffic then investigate
Controlling the applications installed on the computers on your network through Group Policy or a real-world policy. Disallow all P2P applications, and if anyone breaches the policy, don't let them use the network/fire them/find them/whatever.
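
To illustrate the deep inspection and volume points in the answer above, here is an added example (not part of the original answer and not Cisco code) that labels cleartext BitTorrent-family payloads and separately flags hosts by volume and peer count, since encrypted flows carry no signature. The flow tuple layout, the thresholds and the sample flows are assumptions constructed for the example.

```python
from collections import defaultdict

# Cleartext markers of the BitTorrent protocol family (public protocol constants).
BT_HANDSHAKE = b"\x13BitTorrent protocol"            # peer wire handshake
DHT_PREFIXES = (b"d1:ad2:id20:", b"d1:rd2:id20:")    # common bencoded DHT query/reply start

def classify_payload(proto, payload):
    """Label the first payload bytes of a flow; None when nothing matches."""
    if proto == "tcp" and payload.startswith(BT_HANDSHAKE):
        return "bt-handshake"
    if proto == "udp" and payload.startswith(DHT_PREFIXES):
        return "bt-dht"
    if proto == "tcp" and payload.startswith(b"GET ") and b"info_hash=" in payload[:512]:
        return "bt-tracker-announce"
    return None  # encrypted or unrelated traffic: no signature to match

def review_hosts(flows, byte_limit=500_000_000, peer_limit=50):
    """flows: (src, dst, proto, total_bytes, first_payload) tuples (assumed layout).
    Thresholds are illustrative and need tuning to the site's normal traffic."""
    stats = defaultdict(lambda: {"bytes": 0, "peers": set(), "sigs": set()})
    for src, dst, proto, nbytes, payload in flows:
        s = stats[src]
        s["bytes"] += nbytes
        s["peers"].add(dst)
        label = classify_payload(proto, payload)
        if label:
            s["sigs"].add(label)
    report = {}
    for host, s in stats.items():
        reasons = sorted(s["sigs"])
        # Volume alone also matches backups or OS updates; many peers narrows it.
        if s["bytes"] > byte_limit and len(s["peers"]) > peer_limit:
            reasons.append("high-volume-many-peers")
        if reasons:
            report[host] = reasons
    return report

# Constructed sample flows (documentation addresses, not real traffic).
SAMPLE_FLOWS = [
    ("192.0.2.10", "198.51.100.7", "tcp", 40_000, BT_HANDSHAKE + bytes(8)),
    ("192.0.2.10", "198.51.100.8", "udp", 300,
     b"d1:ad2:id20:" + b"A" * 20 + b"e1:q4:ping1:t2:aa1:y1:qe"),
    ("192.0.2.30", "203.0.113.5", "tcp", 900_000_000, b"\x16\x03\x01\x02\x00"),
] + [("192.0.2.20", f"198.51.100.{i}", "tcp", 10_000_000, b"\x8f\x02\xc4\x11")
     for i in range(100, 160)]

if __name__ == "__main__":
    for host, reasons in sorted(review_hosts(SAMPLE_FLOWS).items()):
        print(host, reasons)
```

In the sample, the host with opaque payloads is caught only by the volume and peer-count rule, while the single large TLS download to one server is left alone.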
15 ways of blocking BitTorrent:
- Use VPN Service
- Use Magnet Links
- Use HTTP Proxy
- Switch to Port 80
- Seedbox
- Use the TOR Network
- How to unblock uTorrent from WiFi
- Torrent Relay
- ImageShack
- Txtor
- Thunder
- BitLet
- ZbigZ
- Furk.net
- Torrent2exe