@Vincent_28 said in How to block torrents:
use wireshark. to see the port of torrents and syn. seeds of bitorrent
That is a wack a mole game that will keep you busy to the end of time.. And as already stated - it can be ran over ports that you require to be open. 80/443..
The most effective method is application detection via your IPS - which again as the tech evolves signatures can change depending on the p2p product being used.. Which your IPS might not detect, analysis of traffic flow patterns can help in detection as well, etc..
But blocking of ports is not going to stop someone that knows what they are doing and how the protocol can be used.
Good way to stop it is only allow your proxy outbound.. where clients have NO direct outbound connection capability... And block lists on your proxy to prevent connection to p2p networks even over the proxy, etc.
Trying to control user access once you have given them even 1 port outbound is going to be a never ending battle ;)