Re: how to block ALL AIM traffic ?
From: Gabriel Orozco (gabriel_orozco_at_mx.sumida.com)
Date: 04/27/05
- Previous message: Kelly Martin: "SF new column announcement: Cleanliness next to Rootliness"
- In reply to: Realized Mofo: "how to block ALL AIM traffic ?"
- Next in thread: /boot: "Re: how to block ALL AIM traffic ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Realized Mofo" <realized@gmail.com>, <security-basics@securityfocus.com> Date: Wed, 27 Apr 2005 16:19:18 -0500
Maybe if you sniff a AIM connection
you can check if they are using a MIME type or a string to Authenticate
then you can filter it on the firewall. not all the ports, but the
communication itself.
I use linux for the firewall and open only port 80 using Squid proxy +
squidGuard. it works well, but I have no user with AIM due to policy.
if any user tries to pass over the policy and install AIM, I would try to do
what I already wrote.
Regards
Gabriel Orozco
Sysadmin
----- Original Message -----
From: "Realized Mofo" <realized@gmail.com>
To: <security-basics@securityfocus.com>
Sent: Tuesday, April 26, 2005 6:32 PM
Subject: how to block ALL AIM traffic ?
I am at an office with 50~ machines , out of thoes about 20 or so use
AIM. I would like to block AIM and normally i'd just block the AIM
port (5190) or whatever it is..
BUT AOL seems to have found a great way around this and has 4000+
diffrent ports they use and i'd assume lots of diffrent hosts.
Whats the best way of blocking all AIM traffic ?
- Previous message: Kelly Martin: "SF new column announcement: Cleanliness next to Rootliness"
- In reply to: Realized Mofo: "how to block ALL AIM traffic ?"
- Next in thread: /boot: "Re: how to block ALL AIM traffic ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
