How I block torrents...

[khalipar]

Hi, i'm new to UT so bear with me.
Though, i would like to share how I blocked torrents for almost half a year already (and still works like a charm).
I did a lot of configurations which i got here from the forum
but the only configuration that actually works (as tested in my network) is to allow only ports that is applicable for work related processes.

The configuration is done in the Firewall where ports such as these are only allowed : 8070 , 443 , 5050 , 37 , 110 , 1025 , 587 , 49186 , 465 , 3389 , 21 , 8082 , 80 , 8081 , 3391 , 8080 , 22 , 25 , 995 , 7089 , 7088 , 8088. That's it.

Additional configuration is to block the dl of torrent files in the Web Filter Lite and block all Peer-to-Peer category in the Protocol Control (these 2 is optional, still works with out these).

Though this might be applicable to a certain environment but this configuration is a WIN WIN setup in our company.

[Solignis]

Interesting way of doing it, the only problem I see is a lot of the ports you blocked are for essential services some people run on there network. So while it may work you it may not work for everyone.

On a side note, Torrents are a tricky little thing. I have circumvented many firewalls by simply changing the port to something very high up. I use 60000 - 60005 for normal use. I also force encryption which automagically bypasses Untangle's UVM.

Torrents are one of the few things that require bandwidth control to control not so much port blocking. IMO of course.

[sky-knight]

uTorrent as a client will use TCP 443, 80, and 8080 in a heart beat. So no, you haven't stopped much. You have put a dent in them, and setup a monster of a trip wire if you're actually reading the logs from the blocked sessions.

[Solignis]

Wha? Heartbeats? uTorrent sends hearbeats?

[khalipar]

--------------------------------------------------------------------------
Interesting way of doing it, the only problem I see is a lot of the ports you blocked are for essential services some people run on there network. So while it may work you it may not work for everyone.
--------------------------------------------------------------------------

@Solignis: Thanks there for the comment..yup, as I said it may be applicable for certain environments. Ours is just for research doing internet browsing uses port 80, 443 and some other non standard ports that is why you can see some 8080, 8081, etc. Also, I am always open to suggestions, if users say they need this port for their job functions, they need their supervisor's approval then I will unblock it. That's administrative control.

@Sky-night: i don't mean to argue, but could you please give me an example may it be torrent client configuration or any peer-to-peer setup that i can test here...i have been testing for half a year, so far no more high bandwidths logged in my UT. I always check it from time to time if utorrent client is working but nada, I can say i've successfully block torrents.

[sky-knight]

How are you testing uTorrent? Because all I have to do is make a trip to pirate bay grab a random .torrent and watch the packets flow.

I'm doing this on a machine subject to a special rack with a default block firewall that only allows TCP 80 and 443 outbound. I see blocks all over the place, and it takes the torrent longer to get going, but it still works.

It does indeed slow it down, so if you're looking at it from a pure bandwidth lost perspective, yes I can see that as a victory.

As for testing it internally... one of these days I'm going to work out how to build my own torrent tracker. I'd love to have 10 machines, 5 on each side of an untangle running a local torrent cloud at gigabit speeds throwing sessions around like mad to really stress my NGs. Sadly, I haven't figured out how to make that particular magic work.

Anyone know the electron incantation for a packet storm?

[khalipar]

ow, in my case i have thing working as expected...so que sera sera...as for the time being i'll just test some torrent client configuration to see if i can get pass through with my UT configuration (doin this for a couple of times already)...good luck there for your tests ...by the way attached is the screenshot of UTorrent...

[hescominsoon]

seeding is folks that have 100% of the torrented file and are open for others to pull from them.

[hescominsoon]

of course some minor googlefoo helps too:
http://en.wikipedia.org/wiki/BitTorrent_vocabulary

[mrfixit]