How to block p2p applications(Bittorent like) with AIP-SSM-10?
Hi,
How to block p2p application using AIP-SSM-10 working with ASA5520?AIP is on promiscuous mode.
Thanks,
Siva
There are several signatures that detect p2p, for bit torrent there is 11020.0
Yahoo triggers: 5539.0, 11200.0, 11212.0, 11217.0 & 11219.0
etc..
Some are disabled by default though so please ensure you enable the ones that you need.
If you want to block these then you will have to use event actions that work in promiscuous setup for example request block connection and tcp reset. Please note that care must be taken when using these event actions.
For more information about the event actions please refer the link below:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids12/idmguide/dmevtrul.htm#wp1069467
Similar Messages
-
Want to block P2P application using ASA5540
I want to block P2P application & IM using ASA with IPS built-in. I dont wanna use the ACL for all the ports because most of the P2P application using dynamic ports.
Aamir,
You can do this using the application layer inspection on the firewall.
Please take a look at the configuration guide given below.
http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_7_2/conf_gd/firewall/inspect.htm#wp1479354
Rate this post, if it helps.
Cheers
Gilbert -
How to call the application that submitted with the ipod touch 5?? is a ninja
how to call the application that submitted with the ipod touch 5?? is a ninja
You should not discuss beta software here at all.
This is a developer only question and should be posted in the developer forum -
How can I share applications and softwares with different users of the same computer?
First question: How can I share applications and softwares with different users of the same computer?
Second : Can I use 2 different I cloud accounts to synt 2 iphones with one computer?Applications installed on the admin account are available to all user accounts unless Parental Controls are enabled.
Yes. Separate user accounts, help here > How to use multiple iPods, iPads, or iPhones with one computer -
Blocking p2p application traffic and tunneling
I need help ........
We have taken two ASA with AIP card, and have configured Active/Active , but user are using p2p and tunneling softwares . how can we block p2p and tunneling traffic ..
plz anyone reply me..........
regardsIf you are using Firewall software 12.4(9)T and above, it has integrated policies to block or rate limit p2p application traffic using dynamically updateable application
definitions for newer p2p applications. KaZaA, Gnutella, BitTorrent, and eDonkey are currently supported.
You may also see this: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00801e419a.shtml -
How to block ultrsurf application.
Dear All,
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0in;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:"Times New Roman";
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:Arial;
mso-bidi-theme-font:minor-bidi;}
Dear All,
How can I block Ultrasurf Application?
I have configured Cisco ASA 5520 with Cisco CSC-SSM module.
I have blocked everything Except Business and banking activities.
But user can access A 2 Z traffic through Ultrasurf.exe application. which bypasses all possible firewalls.
How can I blocked this application?
Any solution??????????????
Thanks
I.AHello Eric,
Sorry, for not updating the post recently. I resolved the issue.
I created a custom url category, created a decryption policy and put the action "Decrypt" for this custom url category as mentioned in the kb article.
I put the action Decrypt also for the uncategorized urls and tested it for a user standing only in one AD group. It worked. The skype traffic was blocked.
It worked also when I excluded this custom url category from this decryption policy and put only the "Decrypt" action for uncategorized urls.
Thank you for all your support Eric,
Have a great day
Ilir -
How to write a application using WDJ with the adobe form ?
Hi, experts,
I don't know how to write a application using !!webdynpro for java!! with the adobe form so that I can fill data to the adobe form and get data from the adobe form.
Note: I have configed the ADS(adobe document services),and I can create a application with a interactiveform in webdynpro for abap and run it successfully, so that I can fill data to the adobe form and get data from the adobe form.
Do you give me some hint?
Thanks a lot.
Best regards,
tao
Edited by: wang tao on Sep 9, 2008 8:59 AMHi,
Refers the following links.
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/4fd2d690-0201-0010-de83-b4fa0c93e1a9
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/5f27e290-0201-0010-ff82-c21557572da1
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/70c9a954-aa20-2a10-64bb-ea0835204e03
Thanks
Abhilasha. -
How to block lost lenovo A6000 mobile with IMEI
List out the procedures to be followed to block the lost LENOVO A600 with the help of IMEI?
IMEI 1:- XXXXXXXXXXXX
IMEI 2:- XXXXXXXXXXXX
Mobile No :- XXXXXXXX,XXXXXXXX
Moderator note: Personal information removed for member's protection.Hi clicksteps
You can lock,factory reset or even locate(if location services are enabled)your phone using your Google account(the Google account you were using on your phone).Go to https://www.google.com/dashboard/ -> Sign in to your Google account(the one used on the phone)->go to Android/Manage active devices->from there you can ''Ring'',''Lock'',''Erase'',''Locate'' or ''Rename'' the device.
Unfortunately only the mobile service providers/operators can ''blacklist'' a certain IMEI number.
The IMEI number can also help local authorities(local police department) to track down your phone.
Hope this helps
Did someone help you today? Press the star on the left to thank them with a Kudo!
If you find a post helpful and it answers your question, please mark it as ''ACCEPT AS SOLUTION"!
Unsolicited PM's will not be answered! ....Please post your question/s in the appropriate forum board.
English Community Deutsche Community Comunidad en Español Русскоязычное Сообщество -
Re: WRT160Nv2 - how to block "Torrent application"and website
Dear sir,
I want to know is it possible to block "Torrent Application" and Torrent Related web site Please help me..
Regards
Thomas.You can use the feature "Access Restriction" on the router to block some application or website you want.
-
Transparent mode with AIP-SSM-20
I currently have an ASA5510 in routed mode with an AIP-SSM-20.
There is a requirement to use a fibre optic connection between this ASA and another ASA across campus, so the AIP-SSM will have to be removed and replaced with the SSM-4GE. This part should present no issue.
However, this will remove the IPS device, and I still want to use IPS.
So, what I am thinking is to get another ASA5510, install the AIP-SSM, configure ASA for transparent mode and put it in between the inside of the routed ASA and my LAN. The transparent ASA would be functioning strictly as an IPS appliance.
Setup would look something like this:
Internal LAN <> transparent ASA with IPS <> routed ASA <> WAN
Can the AIP-SSM still perform IPS with the ASA in transparent mode?
Is there a way to configure the ASA and AIP-SSM such that traffic to/from a particular server completely bypasses the AIP-SSM?
I have a couple of fileservers that generate heavy traffic and could overload the AIP-SSM.
Regards.AFAIR, There is no problem to setup AIP in a transparent firewall.
"An ASA in transparent mode can run an AIP. In the event the AIP fails,
the IPS will fail-open and the ASA will continue to pass traffic.
However, if an interface or cable fails, then traffic will stop. You
would need a failover pair to account for this failure event, which
means another ASA and matching AIP."
And no there is no problem to exclude certain hosts/ports/subnets from inspection by IPS via MPF.
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/ips.html#wp1050744
What I however consider however is if the ASAs 5510 as second tier firewall for 5520s will be enough.
http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html
HTH,
Marcin -
How to find which application is messing with my mac.
OK.
After 4 times zero out data and re-installing the OS, tens of hours searching, I found out that
the reason why my macbook pro late 2009 was getting beach ball of death is because of a 3rd party application. 1 week ago I re-installed the OS again and I didn't install anything else. My mac is running great with zero applications. Now, after a week I can't stand waiting anymore. I need some applications. How shall I install so I will be able to detect the corrupted one ??islane wrote:
cleanmymac (I can live without it, but paid for it 20$ )
tune up ( same )
Limewire
Tucan downloader
Martin's given you very good advice. My own 2 cents would be...
Live without the cleaning apps, the only "cleaning" your Mac needs, is the display with a soft cloth
Limewire is worse than using using a public toilet seat!
Tucan, I have no experience with but if it's bit-torrent, I'd leave it alone also.
-mj -
How to Block ads in ipad like firefox adblock plus
Hi,
Just switch from android 4 and i'm unhappy to discover after buying the new ipad that you can't install FIREFOX with adblock plus.
Is there a way to get rid off all this insane ads on the net with another ipad friendly browser ?
this annoys me a lot a and make my ipad experience worst than in android 4, where I was abble to use firefox with adblock.Since there are a number of 3rd party browsers available via the iTunes app store, I don't believe there is anything preventing Firefox from developing an iOS compatible version of their browser.
Settings > Safari > Block Pop-ups > On. -
Blocking P2P applications on WRT300N (V1)
Hello, I am currently using a WRT300n V1 with firmware version 1.03.6. Having trouble with my room mate downloading a hell lot of stuff using bittorrent. I talked to him but he refuse to stop. I play an online game and i am getting 1000+ ping which makes it impossible to play. I tried a lot of things, including Access restrictions etc. They don't seem to work. I am using the wireless, while he is connected to port 1. I tried lowering the qos on port1 to low. Nothing seems to work. Is it something wrong with the firmware? Any help would be appreciated. Last option is to get a new connection for myself.
Flat out doesn't work. It's an all or nothing affair. Either you block complete internet access between the hours noted or all days, or it's complete access to everything. The router cannot block specific ports even though it claims it can.
-
How to install mu application on phone with itune or without itunes
dear forum,
can we install our applications only through itunes or is any other way???
i will download any application from net(directly into my phone through gprs)
In that scenario how can i insatll my application.wizardz........................
u halve 2 undrstadn teh wizardz is only way............. -
How to get SAP application language only with SQL code
Hi all,
is there a way to get the current language only whith a sql query on the Database?
I know that Ican find that information from the Application object of the UI Api but in this case i can't access them.
Thanks in advance, Luca.Hello
You cannot get the Application language (GUI Language) from SQL, because it is stored on the client machine filesystem
Location is defined in
C:\Program Files\SAP\SAP Business One\Conf\b1-config-path.txt text file, which by defaulf is:
%USERPROFILE%\Local Settings\Application Data\SAP\SAP Business One\b1-current-user.xml file
Regards
J.
Maybe you are looking for
-
How many 'seats' are included with Adobe Creative Cloud for teams?
How many 'seats' are included with Adobe Creative Cloud for teams?
-
Error message when I try to publish aa application with BI Mobile App Designer
Hello, We had last month a product demonstration of BI Mobile App Designer by Oracle's commercial. Following this demonstration, I installed and deployed this module on one of our OBIEE server 11.1.7.141014 I thus tested the BI Mobile App Designer pr
-
How to connect c5-03 to PC suite?
When I connect my mobile c5-03 to my computer it asks me to select the connection type. The options are, OVI Suite, Mass storage, Image transfer and Media transfer. I have selected all the options and tried but i cannot connect the mobile to my PC su
-
MIGO,PO,PR, Sales order Problem
Sir i am working in an pharmicitical company .In my existing company before saving any MIGO ( GRN,Goods issue ),PO,PR, Sales order we first have to take approval from manignment ( authorised pearson ) ,if they suggest any corrections according to tha
-
Pie chart created in edge animate changes to a square animation when imported into dps
I Have created an animated pie chart in edge animate and all works fine. I then import into indesign and again all looks fine (even though at this stage it is a flat image) but when i export for dps and preview folio etc the animation turns from a ci