Firewall Wizards mailing list archives
Re: AIM to iChat AV
From: "M. Dodge Mumford" <dodge () dmumford com>
Date: Sun, 7 Mar 2004 20:49:13 -0500
Michael Tortorella said:
Im working on a mac osx panther system, and I'm trying to connect to someone on a windows professional system using iChat AV to AIM...they get an error that says is probably caused by a firewall. If this firewall is put in by their network, is there anyway around it?
I was going to start down the path of reminding you that this is a list for administrators of firewalls. These are people who want their firewalls to work and not be circumvented. Then I realized that your question can be intrepreted with a bit more subtlety. It sounds like your buddy wants to use a service, but isn't aware if it's permitted. He should read his site's security policy. Ok, given that his site probably doesn't have one, or if he does it's written sufficiently poorly to determine whether it's permitted, he should ask. But what makes me wonder is whether there are firewalls on the market that do more than simply block address/port combinations or perform content analysis. What I'm thinking of is an inline intelligent rejection. For example in this case, the firewall would accept the AIM login (no matter what it is), and display a message to the user saying that AIM is forbidden with an administratively-defined link to the security policy). I can imagine such inline rejection being useful for a number of protocols. "request.administratively.prohibited" for DNS. "220 Connection Administratively Prohibited, see http://foo.bar.bletch/policy.html" for FTP. And so forth. Does something like that exist? Oh, and in response to your question "is there anyway around it?" If he's got some access to the Internet, the answer is "probably yes." The "How" is simply an implementation detail and an "excercise left to the reader." -- Dodge
Attachment:
_bin
Description:
Current thread:
- AIM to iChat AV Michael Tortorella (Mar 07)
- Re: AIM to iChat AV Paul Robertson (Mar 07)
- Re: AIM to iChat AV M. Dodge Mumford (Mar 07)
- <Possible follow-ups>
- RE: AIM to iChat AV Stiennon,Richard (Mar 07)
- RE: AIM to iChat AV Paul Robertson (Mar 11)