Security Basics mailing list archives
Re: how to block ALL AIM traffic ?
From: Times Enemy <times () krr org>
Date: Thu, 28 Apr 2005 02:10:29 -0700
Greetings.Ideally, remove the application(s) from the machines. This can be done manually, or through policies. If that is not feasible, then filter the traffic at the gateway. Filtering the traffic is dependent on the type of ids/firewall/switch/router configuration(s) being used. I suggest you do both, remove the software, and filter the aim traffic.
Be familiar with the various types of transmissions/packets used by AIM. An easy way to do this is to fire up Ethereal, and watch specifically for AIM traffic.
http://www.google.com .times enemy Realized Mofo wrote:
I am at an office with 50~ machines , out of thoes about 20 or so use AIM. I would like to block AIM and normally i'd just block the AIM port (5190) or whatever it is.. BUT AOL seems to have found a great way around this and has 4000+ diffrent ports they use and i'd assume lots of diffrent hosts. Whats the best way of blocking all AIM traffic ?
Current thread:
- how to block ALL AIM traffic ? Realized Mofo (Apr 27)
- Re: how to block ALL AIM traffic ? Gabriel Orozco (Apr 28)
- Re: how to block ALL AIM traffic ? /boot (Apr 28)
- Re: how to block ALL AIM traffic ? Ramon Kagan (Apr 28)
- Re: how to block ALL AIM traffic ? Bipin Gautam (Apr 28)
- Re: how to block ALL AIM traffic ? Times Enemy (Apr 28)
- RE: how to block ALL AIM traffic ? Evan Littmann (Apr 28)
- Re: how to block ALL AIM traffic ? Netops (Apr 28)
- Re: how to block ALL AIM traffic ? Markus Schabel (Apr 28)
- Re: how to block ALL AIM traffic ? Mark Owen (Apr 29)
- Re: how to block ALL AIM traffic ? david kuhlman (Apr 29)
- <Possible follow-ups>
- Re: how to block ALL AIM traffic ? H Carvey (Apr 28)
- RE: how to block ALL AIM traffic ? Rochford, Paul (Apr 28)
- Re: how to block ALL AIM traffic ? Mark Cyprus (Apr 29)
- RE: how to block ALL AIM traffic ? Joe Kanser (Apr 29)