Snort mailing list archives
Re: Chat/IM
From: Bryan Irvine <bryan.irvine () kingcountyjournal com>
Date: Tue, 13 Apr 2004 14:45:13 -0700
won't work. the popular services (msn/aim,etc...) run the service on all ports to make things easy to get on. So If you blocked all but those ports, the client would see that it can't connect and try a different port, then it would just sign on to the same server it has been, just on port 80. You'd have to just be vigilant and block the servers, and whenever a new one was turned on block that one too. No way to block it 100% but you can get close. --Bryan On Tue, 2004-04-13 at 14:03, Remko Lodder wrote:
Harper, Patrick wrote: Use a proxy and only allow 80/443 and 21/20 ???Does anyone have an effective way of blocking chat/IM? Krisa Rowland ERDC Information Assurance Team
------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Chat/IM Rowland, Krisa W ERDC-ITL-MS Contractor (Apr 13)
- Message not available
- Re: Chat/IM Matt Kettler (Apr 13)
- Message not available
- <Possible follow-ups>
- RE: Chat/IM Rowland, Krisa W ERDC-ITL-MS Contractor (Apr 13)
- RE: Chat/IM Harper, Patrick (Apr 13)
- Re: Chat/IM Remko Lodder (Apr 13)
- Re: Chat/IM Craig Paterson (Apr 13)
- Re: Chat/IM Bryan Irvine (Apr 13)
- Re: Chat/IM Remko Lodder (Apr 13)
- RE: Chat/IM Harper, Patrick (Apr 13)
- RE: Chat/IM Larry Pitcher (Apr 13)
- Re: Chat/IM Mark . Schutzmann (Apr 14)
- RE: Chat/IM Rowland, Krisa W ERDC-ITL-MS Contractor (Apr 14)
- RE: Chat/IM Lyons, Jon (Apr 14)
- RE: Chat/IM Joe Thompson (Apr 15)