Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Blocking Instant Messaging Applications

From: "Gaddis, Jeremy L." <jeremy () linuxwiz net>
Date: Mon, 21 Nov 2005 19:51:46 -0500
Nick Duda wrote:

We use a GPO with a Software Restriction Policy. We then restrict all IM programs via the hash of the binary. This can be 
hard to maintain because each new or old version you need to obtain the hash of the binary. I'm still in search for 
some master hash database. It works well for what its worth. Combined with other measures it works out pretty good.
Sorry, I should've mentioned that we're already doing this. This was the first thing we did in an attempt to stop IM. Unfortunately, these programs are updated so frequently that it's impossible to keep up with them. While this is good in conjunction with other methods, this alone isn't good enough (for us). 

Thanks,
-j

--
Jeremy L. Gaddis, GCWN
http://www.linuxwiz.net/

"If it's not on fire, it's a software problem."
Previous By Date Next
Previous By Thread Next

Current thread: