Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Blocking Instant Messaging Applications

from [Beauford, Jason] Network Security [Permanent Link]
Subject: RE: Blocking Instant Messaging Applications
Date: Tue, 22 Nov 2005 15:25:33 -0500 
Use DNS to resolve them (hostnames like oscar.aol.com) to a
local-non-existent address.

Or just block the associated outgoing ports at the firewall.

Or use a thirdparty filter like:

        SurfControl
        or
        Websense 

JMB

        |  -----Original Message-----
        |  From: Gaddis, Jeremy L. [mailto:jeremy@linuxwiz.net] 
        |  Sent: Monday, November 21, 2005 8:04 PM
        |  To: Alloishus BeauMains
        |  Cc: security-basics@securityfocus.com
        |  Subject: Re: Blocking Instant Messaging Applications
        |  
        |  Alloishus BeauMains wrote:
        |  > At the PIX or firewall, or wherever your ACLs are 
        |  kept, block incoming 
        |  > or outgoing traffic to oscar.aol.com, the 
        |  messenger login servers, 
        |  > trillian, yahoo, etc etc etc.
        |  
        |  Unfortunately, this method also has a great deal of 
        |  administrative overhead.  Do a lookup on 
        |  messenger.hotmail.com.  Do another lookup two weeks 
        |  from now.  A beer says that the IPs will differ.  
        |  Trying to keep up with this is futile.  If you don't 
        |  believe me, see MS KB Article
        |  #889829 
        |  (http://support.microsoft.com/default.aspx/kb/889829)
        |  .  I implemented this on February 13th.  It worked 
        |  for perhaps a month.
        |  
        |  Heck, just checked and that article isn't even 
        |  available anymore.  It's referenced at 
        |  http://www.microsoft.com/security/incident/im.mspx, 
        |  but clicking on the link gets you to an error page.
        |  
        |  Thanks,
        |  -j
        |  
        |  --
        |  Jeremy L. Gaddis, GCWN
        |  http://www.linuxwiz.net/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Blocking Instant Messaging Applications, Neksus
Next by Date:  Re: Writing papers on Information Security, Bob Radvanovsky
Previous by Thread:  Re: Blocking Instant Messaging Applications, Neksus
Next by Thread:  RE: Blocking Instant Messaging Applications, Murad Talukdar
Indexes:  [Date] [Thread] [Top] [All Lists]