Re: AIM

["Paul D. Robertson" <proberts () patriot net>]

On Tue, 1 Oct 2002, Christopher Hicks wrote:

> Blocking AIM is tough.  It tries every port it can including things that
> are surely 'ok' for most firewalls like 80 110.  Since you can't do it via
> port-blocking they've probably blocked the ip blocks for the AIM servers.  

That's not all that tough, the destinations haven't moved in quite a 
while, you can also block the two protocols, even tunneled if you wanted 
to do more work.  

> instead of homework.)  The only way around the ISP's firewall is to get
> somebody to tunnel your traffic.  That'll require some sort of VPN between
> your box and somebox outside your ISP.  That would solve your other 
> problem as well.

People suggesting work arounds should also note that if working around a 
firewall is against policy, it could be cause for serious trouble, 
from administrative to *criminal* charges[1] depending on the 
jurisdiction, laws, intent, method and protocol.  Someone has instituted a 
policy for a reason, and exceptions to, or questions about the policy 
should go back through the appropriate channels.  Since firewalls are part 
of the instantiation of the policy, purposefully going around them 
(especially coupled with public mailing list posts asking how) proves 
intent quite nicely.

> What sort of ISP blocks AIM anyway?  Switch or get DSL or something.

As Jim pointed out, almost obviously a school does- "The firewall ate my 
homework!"


Paul  
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts () patriot net      which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards