25

I want to block torrent traffic on my network because it is utilizing too much bandwidth and disrupting my network traffic. What port range should I use, and what protocol: TCP or UDP?

Ali Ahmad
hodl
  • 1
    AFAIK A BitTorrent client normally associates the TCP port number 6881. However, if this port is busy for some reason, the client will instead try successively higher ports (6882, 6883, and so on up to a limit of 6999). In order for outside BitTorrent clients to reach this one, they must be able to connect to the correct port. – Aniket Thakur Oct 03 '13 at 08:04
  • 1
    If you have control over the network computers, you can try finding the hash of the bittorrent application and block it from being installed or run on any PC –  Dec 12 '13 at 12:05
  • 1
    this doesn't address the question at all. The OP is asking what ports are used. – Rory Alsop Dec 12 '13 at 14:57
  • 1
    @RoryAlsop I'm a bit late, but people are suggesting other solutions because bittorrent is not confined to any port. – Navin Sep 18 '15 at 04:05
  • 1
    Block every port IN/OUT across all protocols and punch Firewall on demand basis. – जलजनक Feb 12 '17 at 02:27
  • 1
    @user35567 there are probably dozens of bittorrent clients with many versions each. And even if you did map them all, you'd have to play catch-up with every new version that came out for any of them, as well as new clients that join the market. Finally, it should be pretty simple to say change one line of qBittorrent code, compile it, and get a hash you'll never block. – Ohad Schneider Oct 02 '17 at 23:28

2 Answers

43

Blocking Bittorrent is challenging, and can't really be done effectively with port blocks. The standard ports are 6881-6889 TCP, but the protocol can be run on any port, and the peer-to-peer nature of the protocol means that discovering peers that use unblocked ports is simple.

Blocking Bittorrent traffic could be done with a deep-packet-inspection or application firewall, but many Bittorrent clients support encryption that makes DPI less effective.

If you own the network and bandwidth is your big issue, then you would be best served by a bandwidth monitoring solution. Quality-of-service (QOS) control and bandwidth caps for endpoints could limit the impact the Bittorrent users are having on your overall bandwidth, without the cat-and-mouse game of trying to block a particular protocol.

Another approach would be to block the types of connections that Bittorrent requires. As a peer-to-peer protocol, peers outside your network need to connect in. A firewall could prohibit incoming connections to your user subnet, while permitting them to your intended outward-facing services. An IPS could put a threshold on the number of incoming and outgoing connections, since Bittorrent clients need to connect to multiple peers (and have multiple peers connect to them) in order to function.

If your concern is the legality of the shared content (or if you plan on taking any action against your users), then your best defense is a well-written acceptable-use policy outlining the users' responsibility for their actions and forbidding the use of file-sharing software.

bonsaiviking
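The connection-count threshold described in the answer above, sketched as an added example that is not part of the original answer: it counts distinct external peers per internal host in a sliding window, in both directions and regardless of port. The subnet, window, limit and the `(timestamp, src, dst)` flow-record format are assumptions, and the sample flows are constructed.

```python
from collections import defaultdict, deque
from ipaddress import ip_address, ip_network

USER_SUBNET = ip_network("10.0.0.0/24")  # assumption: the user subnet
WINDOW_SECONDS = 60                       # assumption: sliding window length
MAX_DISTINCT_PEERS = 20                   # assumption: per-host threshold


def fan_out_offenders(flows, window=WINDOW_SECONDS, limit=MAX_DISTINCT_PEERS):
    """Return {internal_host: peak distinct external peers} for hosts over limit.

    flows: iterable of (timestamp, src_ip, dst_ip), sorted by timestamp.
    Inbound and outbound flows both count, since a peer-to-peer client
    connects out to many peers and accepts connections from many peers.
    """
    recent = defaultdict(deque)  # host -> deque of (timestamp, peer)
    peak = defaultdict(int)
    for ts, src, dst in flows:
        src_in = ip_address(src) in USER_SUBNET
        dst_in = ip_address(dst) in USER_SUBNET
        if src_in == dst_in:
            continue  # internal-only or transit traffic is out of scope
        host, peer = (src, dst) if src_in else (dst, src)
        q = recent[host]
        q.append((ts, peer))
        while q and q[0][0] <= ts - window:
            q.popleft()  # drop events that fell out of the window
        peak[host] = max(peak[host], len({p for _, p in q}))
    return {h: n for h, n in peak.items() if n > limit}


def sample_flows():
    """Constructed flow records (documentation address ranges), not real traffic."""
    flows = []
    for i in range(40):  # 10.0.0.5: 40 distinct peers in 40 s, mixed direction
        peer = f"203.0.113.{i + 1}"
        flows.append((i, "10.0.0.5", peer) if i % 2 == 0 else (i, peer, "10.0.0.5"))
    for i in range(40):  # 10.0.0.9: many flows, but only three servers
        flows.append((i + 0.5, "10.0.0.9", f"198.51.100.{i % 3 + 1}"))
    for i in range(30):  # 10.0.0.7: 30 distinct peers spread over an hour
        flows.append((i * 120, "10.0.0.7", f"192.0.2.{i + 1}"))
    return sorted(flows)


if __name__ == "__main__":
    print(fan_out_offenders(sample_flows()))
```

Only the host with a burst of distinct peers is reported; the host that talks repeatedly to a few servers and the host whose peers are spread over time stay under the threshold.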
-1

Torrent programs can use both TCP and UDP ports. Bad news: you probably don't know about torrent proxies that run on port 80? They allow users to redirect their torrent traffic to the regular port 80, so you won't be able to do anything with ports.

Alternative: you could search for a list of popular torrent trackers and ban their IPs (e.g. the most famous French tracker is tracker.t411.me: block it and the problem is solved. Users can still use proxies and VPNs, but most of them will be discouraged). Search for torrent proxies too.

  • 5
    I wouldn't call the problem solved. Torrents are perfectly capable of working without trackers and given that there are thousands of them, you could never ban them all. – Dracs Apr 09 '13 at 01:37
  • 1
    @Dracs agreed. I tried looking at peers and saw ports ranging 12000 - 60000. I also did blocking ports ranging 12000-65535 but can't prevent them coming from. – hodl Apr 09 '13 at 08:13
  • Hey Jonathan, even Bon said the same. He clearly mentioned that a BitTorrent client can use any port, which essentially means it can use port 80 also. Do you think port 80 will not come under this ANY port described by Bon? Nice and easy explanation, Bon –  Jan 20 '14 at 21:37