To support blocking I found (can't remember where tho) this Snort rule somewhere. Seems KaZaA v2 first does some UDP packeting out:
alert udp $HOME_NET 1109 -> $EXTERNAL_NET any (msg:"MISC UDP KaZaA v2 traffic"; content:"KaZaA"; classtype: misc-traffic; sid:pick_one; rev:1;)
If it doesn't get a response, then it'll scan other ports to find an open one for outgoing connections. If you're running a simple Snort contrib like Guardian it shouldn't be hard to generate a blocking rule.
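As an added example (not part of the original post and not Guardian's own code), this sketch shows the alert-to-block step in Python: it reads Snort fast-format alert lines, keeps those raised by the rule above, and builds iptables commands for the internal hosts involved. The sample alerts, the sid 1000001, the home network and the choice of a blanket UDP drop in the FORWARD chain are all assumptions.

```python
import ipaddress
import re

# Assumed message text: the msg field of the rule quoted in the post.
KAZAA_MSG = "MISC UDP KaZaA v2 traffic"

# Snort "fast" alert: [**] [gid:sid:rev] msg [**] ... {PROTO} src:port -> dst:port
ALERT_RE = re.compile(
    r"\[\*\*\]\s+\[\d+:\d+:\d+\]\s+(?P<msg>.*?)\s+\[\*\*\].*?"
    r"\{(?P<proto>\w+)\}\s+(?P<src>[\d.]+):(?P<sport>\d+)\s+->\s+"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)"
)

# Constructed sample alerts (documentation addresses, hypothetical sid 1000001).
SAMPLE_ALERTS = """\
03/14-10:02:11.120045  [**] [1:1000001:1] MISC UDP KaZaA v2 traffic [**] [Priority: 3] {UDP} 192.168.1.23:1109 -> 203.0.113.5:1214
03/14-10:02:11.480112  [**] [1:1000001:1] MISC UDP KaZaA v2 traffic [**] [Priority: 3] {UDP} 192.168.1.23:1109 -> 198.51.100.7:1214
03/14-10:02:12.000301  [**] [1:1000002:1] Some other alert [**] [Priority: 2] {TCP} 192.168.1.40:3312 -> 203.0.113.9:80
03/14-10:02:13.771900  [**] [1:1000001:1] MISC UDP KaZaA v2 traffic [**] [Priority: 3] {UDP} 192.168.1.77:1109 -> 203.0.113.5:1214
garbage line that is not an alert
"""

def kazaa_hosts(alert_text, home_net="192.168.1.0/24"):
    """Return the sorted internal hosts that triggered the KaZaA rule."""
    net = ipaddress.ip_network(home_net)  # assumed $HOME_NET
    hosts = set()
    for line in alert_text.splitlines():
        m = ALERT_RE.search(line)
        if not m or m["msg"] != KAZAA_MSG or m["proto"] != "UDP":
            continue
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue  # malformed address in the log: never pass it on
        if src in net:
            hosts.add(src)
    return sorted(hosts)

def block_rules(hosts):
    """Build iptables argv lists (not executed here), one per host.

    Dropping all forwarded UDP from the host is a blunt, assumed policy.
    """
    return [["iptables", "-I", "FORWARD", "-s", str(h), "-p", "udp", "-j", "DROP"]
            for h in hosts]
```

Each host is parsed with `ipaddress` before it reaches a command, and the commands are argv lists rather than shell strings, so text from the alert file is never interpreted by a shell.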