Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Blocking Instant Messaging Applications

From: "Aditya Deshmukh" <aditya.deshmukh () online gateway strangled net>
Date: Thu, 24 Nov 2005 08:03:42 +0530

At the PIX or firewall, or wherever your ACLs are kept, block incoming
or outgoing traffic to oscar.aol.com, the messenger login servers,
trillian, yahoo, etc etc etc.

You should be able to pull those from the connection logs. The clients
initiate contact with those authentication services, and if they can't
reach them, then they cannot logon and use them.

Cleanest and easiest to me. If people cant logon to the service, then
you have rendered it useless.


What about http proxies that can be used as a hop ? 
Most of the chat programs can use a HTTP proxy 

I think the best way would be to block packets contains 
the connect string as well 


________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)
Previous By Date Next
Previous By Thread Next

Current thread: