Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: how to block ALL AIM traffic ?

from [Mark Cyprus] Network Security [Permanent Link]
Subject: Re: how to block ALL AIM traffic ?
Date: Thu, 28 Apr 2005 11:46:50 -0500 
Hi,

The only way I know is Websense Enterprise Manager running in network sniffing 
mode.  Though Websense was originally designed as a solution to block URLs, if 
you run it in network sniffing mode (and not as a firewall CVP) it also blocks 
protocols by signatures, not port. It works very well, we have no problems with 
it.


/boot <Slashboot@gmail.com> 04/27/05 05:01PM >>>

Hello

Realized Mofo wrote:

BUT AOL seems to have found a great way around this and has 4000+
diffrent ports they use and i'd assume lots of diffrent hosts.


Whats the best way of blocking all AIM traffic ?


You deny all outgoing connections, then you accept only outgoing 
connections to the ports that you enable in your firewall config (http, 
ftp, ssh ?). But, I think that people can continue using AIMs with http 
only (there are some web sites giving this kind of service for free like 
http://www.e-messenger.net/). A host based firewall rule should handle 
that! Remember also that if you are opening ssh access, people can use 
ssh tunneling and bypass firewall rules.

-- 
/boot
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: toolkits, Kevin Davis
Next by Date:  Re: VoIP Test Configuration, * KAPIL *
Previous by Thread:  RE: how to block ALL AIM traffic ?, Rochford, Paul
Next by Thread:  RE: how to block ALL AIM traffic ?, Joe Kanser
Indexes:  [Date] [Thread] [Top] [All Lists]