Security Basics mailing list archives
Re: how to block ALL AIM traffic ?
From: Markus Schabel <markus.schabel () tgm ac at>
Date: Thu, 28 Apr 2005 00:29:44 +0200
Realized Mofo wrote:
I am at an office with 50~ machines , out of thoes about 20 or so use AIM. I would like to block AIM and normally i'd just block the AIM port (5190) or whatever it is.. BUT AOL seems to have found a great way around this and has 4000+ diffrent ports they use and i'd assume lots of diffrent hosts. Whats the best way of blocking all AIM traffic ?
I'm not sure about AIM, but since it is somewhat compatible with ICQ, I think I can compare these two. For ICQ it is IMHO not possible to block ICQ traffic with port-based firewalling, since you can use almost any port with ICQ (it works even over port 25 or 53), so I think you can always find a port that is open in the firewall. Except you block all traffic and allow internet access only via proxy. Then you can do aa application or protocol based (means content-aware) filtering, which should work for these protocols. best regards, Markus
Current thread:
- how to block ALL AIM traffic ? Realized Mofo (Apr 27)
- Re: how to block ALL AIM traffic ? Gabriel Orozco (Apr 28)
- Re: how to block ALL AIM traffic ? /boot (Apr 28)
- Re: how to block ALL AIM traffic ? Ramon Kagan (Apr 28)
- Re: how to block ALL AIM traffic ? Bipin Gautam (Apr 28)
- Re: how to block ALL AIM traffic ? Times Enemy (Apr 28)
- RE: how to block ALL AIM traffic ? Evan Littmann (Apr 28)
- Re: how to block ALL AIM traffic ? Netops (Apr 28)
- Re: how to block ALL AIM traffic ? Markus Schabel (Apr 28)
- Re: how to block ALL AIM traffic ? Mark Owen (Apr 29)
- Re: how to block ALL AIM traffic ? david kuhlman (Apr 29)
- <Possible follow-ups>
- Re: how to block ALL AIM traffic ? H Carvey (Apr 28)
- RE: how to block ALL AIM traffic ? Rochford, Paul (Apr 28)
- Re: how to block ALL AIM traffic ? Mark Cyprus (Apr 29)
- RE: how to block ALL AIM traffic ? Joe Kanser (Apr 29)