Security Basics mailing list archives
RE: Blocking Instant Messaging Applications
From: Murad Talukdar <talukdar_m () subway com>
Date: Thu, 24 Nov 2005 16:22:44 +1000
I think I'm able to block MSN and hopefully won't be able to use web-versions or other IM(please let me know if my hope is false). Users who shouldn't be using MSN cannot surf the net like normals because they have no net access except for a few allowed sites. Some users are allowed to use MSN(directors etc--you know the usual deal!). So they have been schooled in what's safe and what's not. Regards Murad Talukdar -----Original Message----- From: Beauford, Jason [mailto:jbeauford () EightInOnePet com] Sent: Wednesday, November 23, 2005 6:26 AM To: Gaddis, Jeremy L.; Alloishus BeauMains Cc: security-basics () securityfocus com Subject: RE: Blocking Instant Messaging Applications Use DNS to resolve them (hostnames like oscar.aol.com) to a local-non-existent address. Or just block the associated outgoing ports at the firewall. Or use a thirdparty filter like: SurfControl or Websense JMB | -----Original Message----- | From: Gaddis, Jeremy L. [mailto:jeremy () linuxwiz net] | Sent: Monday, November 21, 2005 8:04 PM | To: Alloishus BeauMains | Cc: security-basics () securityfocus com | Subject: Re: Blocking Instant Messaging Applications | | Alloishus BeauMains wrote: | > At the PIX or firewall, or wherever your ACLs are | kept, block incoming | > or outgoing traffic to oscar.aol.com, the | messenger login servers, | > trillian, yahoo, etc etc etc. | | Unfortunately, this method also has a great deal of | administrative overhead. Do a lookup on | messenger.hotmail.com. Do another lookup two weeks | from now. A beer says that the IPs will differ. | Trying to keep up with this is futile. If you don't | believe me, see MS KB Article | #889829 | (http://support.microsoft.com/default.aspx/kb/889829) | . I implemented this on February 13th. It worked | for perhaps a month. | | Heck, just checked and that article isn't even | available anymore. It's referenced at | http://www.microsoft.com/security/incident/im.mspx, | but clicking on the link gets you to an error page. | | Thanks, | -j | | -- | Jeremy L. Gaddis, GCWN | http://www.linuxwiz.net/
Current thread:
- Re: Blocking Instant Messaging Applications, (continued)
- Re: Blocking Instant Messaging Applications Neksus (Nov 21)
- Re: Blocking Instant Messaging Applications Alloishus BeauMains (Nov 22)
- Re: Blocking Instant Messaging Applications Gaddis, Jeremy L. (Nov 22)
- RE: Blocking Instant Messaging Applications Aditya Deshmukh (Nov 24)
- Re: Blocking Instant Messaging Applications Gaddis, Jeremy L. (Nov 22)
- RE: Blocking Instant Messaging Applications Alexis Villagra - VILSOL LatinAmerica (Nov 22)
- Re: Blocking Instant Messaging Applications Alloishus BeauMains (Nov 22)
- RE: Blocking Instant Messaging Applications Collier, Simon (Nov 22)
- RE: Blocking Instant Messaging Applications Aditya Deshmukh (Nov 24)
- RE: Blocking Instant Messaging Applications Hartmann (Nov 25)
- RE: Blocking Instant Messaging Applications Aditya Deshmukh (Nov 24)
- RE: Blocking Instant Messaging Applications Beauford, Jason (Nov 23)
- RE: Blocking Instant Messaging Applications Murad Talukdar (Nov 24)
- Re: Blocking Instant Messaging Applications Neksus (Nov 23)
- Re: Blocking Instant Messaging Applications Neksus (Nov 21)