Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Blocking Teamviewer

From: Flemming Laugaard <flemming () laugaard dk>
Date: Fri, 26 Mar 2010 21:43:17 +0100
I found this IDS rules for detection:
tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"DynGate TeamViewer"; flow:from_client,from_server,established; content:"DynGate"; pcre:"/din.aspx ?s="; pcre:"&client=DynGate&p="; depth:12; sid:6661; rev:1;)
If you use Active Directory, you could block teamviewer.exe through a Group policy. 

--
Kind regards
Flemming Laugaard

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: