
Re: [FW-1] AIM



Thanks everyone for your time and input!  I have several solutions to work
with now :-)

- Jeff

-----Original Message-----
From: Atkinson, Ron [mailto:[email protected]]
Sent: Thursday, January 10, 2002 3:35 PM
To: [email protected]
Subject: Re: [FW-1] AIM


Also remember that if using HTTP as the transport through a proxy in AIM it
connects to a different server than login.oscar.aol.com. The configuration
lists this server, however actual connections are done to something like
aimhttp.oscar.aol.com or httpaim.oscar.aol.com. If anyone is using HTTP (not
HTTPS) through a proxy with the latest AIM client look in the logs and
you'll see this host listed instead (they even have their own MIME type now
too).

If there are any rules in the firewall allowing unauthenticated traffic to
'Any', then AIM can probably find a way through. The only way to really
block it then is to block any servers in the .oscar.aol.com subdomain, not
just the login server. Blocking by subdomain would be the best, but
CheckPoint is pretty horrible at that (they still want to think that
everything has single IP addresses). You may have to do a DNS lookup on
every IP address that they use and create a group of these hosts to block
it.

I also shouldn't have to ask this, but make sure that DNS is not an implied
rule. AIM will ride over DNS ports and pass through many firewalls that
allow open Internet DNS lookups.

Ron
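
An added example, not part of the original thread: one way to build the block group described above, by pulling every host in the .oscar.aol.com subdomain out of proxy logs and resolving each to its addresses. The log format, the sample lines, the addresses used in testing and all function names are constructed for illustration.

```python
import socket
from urllib.parse import urlsplit

BLOCKED_SUFFIX = "oscar.aol.com"  # subdomain named in the thread

# Constructed proxy log lines; assumed format: time client method target status
SAMPLE_LOG = """\
1010691300 10.1.1.20 GET http://aimhttp.oscar.aol.com/hello 200
1010691301 10.1.1.21 CONNECT login.oscar.aol.com:443 200
1010691302 10.1.1.20 GET http://www.example.org/index.html 200
1010691303 10.1.1.22 GET http://AIMHTTP.oscar.aol.com./data 200
1010691304 10.1.1.23 GET http://notoscar.aol.com/ 200
1010691305 10.1.1.23 GET http://oscar.aol.com.example.net/ 200
"""

def target_host(target):
    """Return the lower-cased hostname from a URL or a CONNECT host:port."""
    if "://" not in target:
        target = "//" + target  # lets urlsplit parse a bare host:port
    return (urlsplit(target).hostname or "").rstrip(".")

def in_subdomain(host, suffix=BLOCKED_SUFFIX):
    """Match on a label boundary, so notoscar.aol.com does not count."""
    return host == suffix or host.endswith("." + suffix)

def hosts_to_block(log_text):
    """Collect the distinct hosts in the blocked subdomain seen in the log."""
    found = set()
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) >= 5 and in_subdomain(target_host(fields[3])):
            found.add(target_host(fields[3]))
    return sorted(found)

def resolve_ipv4(host):
    """Return every IPv4 address the name currently resolves to."""
    infos = socket.getaddrinfo(host, None, socket.AF_INET)
    return sorted({info[4][0] for info in infos})

def build_group(hosts, resolve=resolve_ipv4):
    """Map each host to its addresses, ready to enter as a host group."""
    group = {}
    for host in hosts:
        try:
            group[host] = resolve(host)
        except OSError:
            group[host] = []  # no longer resolves; keep the name visible
    return group
```

Because these names resolve to multiple servers and the set can change, the group only stays accurate if the lookup is repeated regularly.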


-----Original Message-----
From: Jeremy Morrill [mailto:[email protected]]
Sent: Thursday, January 10, 2002 1:53 PM
To: [email protected]
Subject: Re: [FW-1] AIM


 login.oscar.aol.com resolves to multiple servers. Perhaps creating objects
for each server using their IP address and not its DNS name would resolve
the issue.
                                -JRM


-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]] On Behalf Of Tice,
Jeff (ADM)
Sent: Thursday, January 10, 2002 12:17 PM
To: [email protected]
Subject: [FW-1] AIM

Hi!

Trying to block AOL Instant messenger.

I've created objects for login.oscar.aol.com servers.
I've created a rule: Internal network --> AOL IM login objects --> ANY
service - DROP

It seems that when you click "auto configure" on the IM client, it scans
ports until it finds one that works - even though the client can't ping the
login.oscar.aol.com server....

Any help would be appreciated :-)

Thanks!

- Jeff


Jeff Tice
Director of Technology
Hickory Public Schools- voice mail- fax
http://www.hickory.k12.nc.us

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

   All contents © 2004 Network Presence, LLC. All rights reserved.