Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Blocking Instant Messaging Applications

from [Murad Talukdar] Network Security [Permanent Link]
Subject: RE: Blocking Instant Messaging Applications
Date: Thu, 24 Nov 2005 16:22:44 +1000 
I think I'm able to block MSN and hopefully won't be able to use
web-versions or other IM(please let me know if my hope is false). Users who
shouldn't be using MSN cannot surf the net like normals because they have no
net access except for a few allowed sites.
Some users are allowed to use MSN(directors etc--you know the usual deal!).
So they have been schooled in what's safe and what's not.

Regards
Murad Talukdar

-----Original Message-----
From: Beauford, Jason [mailto:jbeauford@EightInOnePet.com] 
Sent: Wednesday, November 23, 2005 6:26 AM
To: Gaddis, Jeremy L.; Alloishus BeauMains
Cc: security-basics@securityfocus.com
Subject: RE: Blocking Instant Messaging Applications

Use DNS to resolve them (hostnames like oscar.aol.com) to a
local-non-existent address.

Or just block the associated outgoing ports at the firewall.

Or use a thirdparty filter like:

        SurfControl
        or
        Websense 

JMB

        |  -----Original Message-----
        |  From: Gaddis, Jeremy L. [mailto:jeremy@linuxwiz.net] 
        |  Sent: Monday, November 21, 2005 8:04 PM
        |  To: Alloishus BeauMains
        |  Cc: security-basics@securityfocus.com
        |  Subject: Re: Blocking Instant Messaging Applications
        |  
        |  Alloishus BeauMains wrote:
        |  > At the PIX or firewall, or wherever your ACLs are 
        |  kept, block incoming 
        |  > or outgoing traffic to oscar.aol.com, the 
        |  messenger login servers, 
        |  > trillian, yahoo, etc etc etc.
        |  
        |  Unfortunately, this method also has a great deal of 
        |  administrative overhead.  Do a lookup on 
        |  messenger.hotmail.com.  Do another lookup two weeks 
        |  from now.  A beer says that the IPs will differ.  
        |  Trying to keep up with this is futile.  If you don't 
        |  believe me, see MS KB Article
        |  #889829 
        |  (http://support.microsoft.com/default.aspx/kb/889829)
        |  .  I implemented this on February 13th.  It worked 
        |  for perhaps a month.
        |  
        |  Heck, just checked and that article isn't even 
        |  available anymore.  It's referenced at 
        |  http://www.microsoft.com/security/incident/im.mspx, 
        |  but clicking on the link gets you to an error page.
        |  
        |  Thanks,
        |  -j
        |  
        |  --
        |  Jeremy L. Gaddis, GCWN
        |  http://www.linuxwiz.net/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Sans GIAC GSEC exam, Steve Barron
Next by Date:  Re: Selectively disabling USB devices, Sandeep Agarwal
Previous by Thread:  RE: Blocking Instant Messaging Applications, Beauford, Jason
Next by Thread:  password cracking: one char at a time., michael young
Indexes:  [Date] [Thread] [Top] [All Lists]