Lust taking a quick look at this, I believe the following should work for default ports when using policy: Add deny rules for the P2P default ports to the policy roles. However, some users are smart enough to change the default ports. You will catch most of them with the defaults. A layer-7 P2P application identification solution is need for a 100% match.
If you use Enterasys NAC with agent-based scanning, it can stop P2P services from running on the computers. Common P2P applications: Limewire 6346/6347 TCP/UDP Morpheus 6346/6347 TCP/UDP BearShare default 6346 TCP/UDP Edonkey 4662/TCP EMule 4662/TCP 4672/UDP Bittorrent 6881-6889 TCP/UDP WinMx 6699/TCP 6257/UDP Robert Kwiatkowski Senior Network Specialist II Hudson Valley Community College 80 Vandenburgh Avenue Troy, NY 12180 E-mail: <mailto:[email protected]> [email protected] Voice: 518-629-7517 Fax: 518-629-7548 From: Patrick Printz [mailto:[email protected]] Sent: Thursday, September 13, 2012 6:43 AM To: Enterasys Customer Mailing List Subject: [enterasys] Blocking bittorrent and P2P How do you block bittorrent and P2P traffic? Is it something that can be done via policy or ACL's? I know I could do it with a packet shaper, but we do not have one yet. I am just curious is someone else has thought of some ingenious way of keeping this traffic contained. Patrick Printz Network Infrastructure Quinsigamond Community College 670 West Boylston Street Worcester, MA 01606-2092 w. 508-854-7517 c. 508-726-9529 "If a man is called a street sweeper, he should sweep streets even as Michelangelo painted, or Beethoven composed music, or Shakespeare wrote poetry. He should sweep streets so well that all the hosts of heaven and Earth will pause to say, Here lived a great street sweeper who did his job well." ~Martin Luther King, Jr. * --To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected] --- To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected]
