Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Chat/IM

From: Mark.Schutzmann () Omron com
Date: Wed, 14 Apr 2004 11:19:42 -0500

Krisa,

As this is a fairly frequently asked question, I am suprised that we still
have not gotten a good answer. I can tell you that I have successfully been
blocking P2P and Chat for a while now using a few combination layers of
security. I am working to develop a document that will hopefully outline
this in more detail. For now, I can tell you that I am using firewall rules
to block Yahoo, MSN and AIM/ICQ servers in combination with a customized
block list for Snort with FlexResp and NTop to monitor any additional chats
that crop up. Please let me know if a solution like this would be worth the
documentation.

Best Regards,
Mark




                                                                                                                        
                          
                      "Rowland, Krisa W                                                                                 
                          
                      ERDC-ITL-MS Contractor"             To:       "'snort-users () lists sourceforge net'" 
<snort-users () lists sourceforge net>     
                      <Krisa.W.Rowland@erdc.usace.        cc:                                                           
                          
                      army.mil>                           Subject:  [Snort-users] Chat/IM                               
                          
                      Sent by:                                                                                          
                          
                      snort-users-admin () lists sour                                                                   
                             
                      ceforge.net                                                                                       
                          
                                                                                                                        
                          
                                                                                                                        
                          
                      04/13/2004 02:26 PM                                                                               
                          
                                                                                                                        
                          
                                                                                                                        
                          




Does anyone have an effective way of blocking chat/IM?


Krisa Rowland
ERDC Information Assurance Team
(SAIC Contractor)
3909 Halls Ferry Rd.,  Bldg. 8000
Vicksburg, MS 39180
601-634-2493
krisa.w.rowland () erdc usace army mil










-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: