Logging Bittorrent File_Names

L2 Linker

Probably a bit of a weird question this one, but as the Evil Firewall Admin at an academic institution I sometimes get asked weird questions, so I thought I'd pass the joy onwards. We have a researcher who is interested in data on piracy, and I thought I'd try to collect some data on bittorrent traffic (which is mostly allowed) including the filenames.

Unfortunately the firewall logs don't seem to include the filenames for bittorrent.

a) Is this down to a configuration setting I've not found as yet?

b) Is there some other way of including that data?

It's quite possible I'm asking for something that's effectively impossible but it doesn't hurt to ask.

(Running PA5250s in active/standby running PANOS 8.1.15)

Cyber Elite

@MikeMeredith,

I don't think you're going to be able to grab the filename over a bittorrent transfer, due to the way that the firewall would see the data chunklet. If you think about what Bittorrent actually does, you aren't downloading mypiratedmusic.mp3, you're downloading a bunch of little pieces of that file from a bunch of different sources. One of the key aspects of Torrents is that you aren't really ever supposed to be able to see the actual contents of the files being distributed to different peers.

L2 Linker

Thanks! I suspect you're right, but there was no harm in asking.

My support route has me messing around with file blocking to get the file names logged.
