Security Basics mailing list archives

Re: how to block ALL AIM traffic ?


From: Markus Schabel <markus.schabel () tgm ac at>
Date: Thu, 28 Apr 2005 00:29:44 +0200

Realized Mofo wrote:
> I am at an office with 50~ machines, out of those about 20 or so use
> AIM. I would like to block AIM and normally I'd just block the AIM
> port (5190) or whatever it is..
>
> BUT AOL seems to have found a great way around this and has 4000+
> different ports they use and I'd assume lots of different hosts.
>
> What's the best way of blocking all AIM traffic?

I'm not sure about AIM, but since it is somewhat compatible with ICQ, I
think I can compare these two.
For ICQ it is IMHO not possible to block ICQ traffic with port-based
firewalling, since you can use almost any port with ICQ (it works even
over port 25 or 53), so I think you can always find a port that is open
in the firewall, unless you block all traffic and allow internet access
only via a proxy. Then you can do application- or protocol-based (meaning
content-aware) filtering, which should work for these protocols.

best regards, Markus

