Security Basics mailing list archives
Re: how to block ALL AIM traffic ?
From: "Gabriel Orozco" <gabriel_orozco () mx sumida com>
Date: Wed, 27 Apr 2005 16:19:18 -0500
Maybe if you sniff a AIM connection you can check if they are using a MIME type or a string to Authenticate then you can filter it on the firewall. not all the ports, but the communication itself. I use linux for the firewall and open only port 80 using Squid proxy + squidGuard. it works well, but I have no user with AIM due to policy. if any user tries to pass over the policy and install AIM, I would try to do what I already wrote. Regards Gabriel Orozco Sysadmin ----- Original Message ----- From: "Realized Mofo" <realized () gmail com> To: <security-basics () securityfocus com> Sent: Tuesday, April 26, 2005 6:32 PM Subject: how to block ALL AIM traffic ? I am at an office with 50~ machines , out of thoes about 20 or so use AIM. I would like to block AIM and normally i'd just block the AIM port (5190) or whatever it is.. BUT AOL seems to have found a great way around this and has 4000+ diffrent ports they use and i'd assume lots of diffrent hosts. Whats the best way of blocking all AIM traffic ?
Current thread:
- how to block ALL AIM traffic ? Realized Mofo (Apr 27)
- Re: how to block ALL AIM traffic ? Gabriel Orozco (Apr 28)
- Re: how to block ALL AIM traffic ? /boot (Apr 28)
- Re: how to block ALL AIM traffic ? Ramon Kagan (Apr 28)
- Re: how to block ALL AIM traffic ? Bipin Gautam (Apr 28)
- Re: how to block ALL AIM traffic ? Times Enemy (Apr 28)
- RE: how to block ALL AIM traffic ? Evan Littmann (Apr 28)
- Re: how to block ALL AIM traffic ? Netops (Apr 28)
- Re: how to block ALL AIM traffic ? Markus Schabel (Apr 28)
- Re: how to block ALL AIM traffic ? Mark Owen (Apr 29)
- Re: how to block ALL AIM traffic ? david kuhlman (Apr 29)
- <Possible follow-ups>
- Re: how to block ALL AIM traffic ? H Carvey (Apr 28)
(Thread continues...)