![]() ![]() If your concern is the legality of the shared content (or if you plan on taking any action against your users), then your best defense is a well-written acceptable-use policy outlining the users' responsibility for their actions and forbidding the use of file-sharing software. An IPS could put a threshold on the number of incoming and outgoing connections, since Bittorrent clients need to connect to multiple peers (and have multiple peers connect to them) in order to function. What network interface are you connected to 1 Reply BullBuchanan 1 yr. Also, make sure UPnP/NAT-PMP is disabled and have enable local peer disabled as well. A firewall could prohibit incoming connections to your user subnet, while permitting them to your intended outward-facing services. Having 443 in your port and between 48,000-65,000 should work. As a peer-to-peer protocol, peers outside your network need to connect in. Quality-of-service (QOS) control and bandwidth caps for endpoints could limit the impact the Bittorrent users are having on your overall bandwidth, without the cat-and-mouse game of trying to block a particular protocol.Īnother approach would be to block the types of connections that Bittorrent requires. ![]() If you own the network and bandwidth is your big issue, then you would be best served by a bandwidth monitoring solution. The standard ports are 6881-6889 TCP, but the protocol can be run on any port, and the peer-to-peer nature of the protocol means that discovering peers that use unblocked ports is simple.īlocking Bittorrent traffic could be done with a deep-packet-inspection or application firewall, but many Bittorrent clients support encryption that makes DPI less effective. Blocking Bittorrent is challenging, and can't really be done effectively with port blocks. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |