Security Basics mailing list archives
RE: Instant Messaging hash values
From: "Robinson, Sonja" <SRobinson () HIPUSA com>
Date: Mon, 8 Aug 2005 11:51:31 -0400
Hard to block at the firewall, they've adapted to random ports, so if you block 5190 it just moves. Even worse, many chat web sites are going right over port 80. I'd be interested in the solution myself. Written warnings and penalties don't mean anything to anyone. We've got to block it. I've got PHI and financial info to worry about and one disclosure can be disaster. Sonja L. Robinson, CISSP, CIFI, CISA, CISM Forensic Specialist, Digital Investigations HIP Information Security Group Tel: 212-806-4125 srobinson () hipusa com -----Original Message----- From: Netops [mailto:michael () bluesuperman com] Sent: Saturday, August 06, 2005 4:31 PM To: Nick Duda Cc: security-basics () securityfocus com Subject: Re: Instant Messaging hash values Hello, I think that this would be to hard to maintain, why not simple block the type of traffic on the firewall or proxy server. Michael Nick Duda wrote:
I'm looking to create a software restriction policy via GPO to prevent
different instant messenger services (AIM, MSN, Yahoo, Trillian..etc) from running based on the hash value. Short of gathering all know binaries for each client is there any way to obtain hash codes from past versions anywhere....perhaps a website with a repository of hash values for binaries? Thanks in advance, Nick Duda - Systems Administrator
Current thread:
- Instant Messaging hash values Nick Duda (Aug 05)
- Re: Instant Messaging hash values Dave Aronson (Aug 08)
- Re: Instant Messaging hash values Netops (Aug 08)
- Re: Instant Messaging hash values Gaddis, Jeremy L. (Aug 10)
- Re: Instant Messaging hash values David Siles (Aug 15)
- <Possible follow-ups>
- RE: Instant Messaging hash values Nick Duda (Aug 10)
- RE: Instant Messaging hash values Robinson, Sonja (Aug 10)
- Re: Instant Messaging hash values Ayaz Ahmed Khan (Aug 10)
- RE: Instant Messaging hash values David Gillett (Aug 10)
- Re: Instant Messaging hash values NewYork User (Aug 12)
- RE: Instant Messaging hash values Keith Bucher (Aug 12)