NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] those darn messengers...



If you are using the generally reccommended explicit-permit type rulebase*
you will not have this problem at all. (unless your users are using the http version of
AIM I guess.. )
You would have to enable the AOL port to get through.. For example
I have the opposite problem that you do: Loser that I am,  I lost the
argument with mgt regarding use of AIM, so now I am trying to get it to
work!  Even trying an "any any AOL accept" rule did not fix it.. incoming
messages head for the AOL port but have random source ports. (so they
go splat..) PITA. I am not opening ports 1024 - 5000 or whatever so people
can chat.
I know, I'm a real jerk like that. ;-)

<rant>
What's the use of a FW when you can send files/virus/trojan etc via AIM?
 Same problem with Bloomberg mail.. it can send attachements too.  & no way
to scan them...
</rant>

* where your rules are basically permitting the traffic you want, and
the last rule is any any any drop.  (aka 'the cleanup rule')  This is IMHO the 'right'
way to build a rulebase.
YMMV!

hth

Joe

>>> Dean Bishop <[email protected]> 02/08/02 08:31AM >>>
Good morning,

  i have been doing alot of searching and think that i have
come to the correct conclusion that there is currently no way
of blocking messenger services such as AIM and MSN Messenger
except by blocking access to the IP addresses for their servers.

  Can someone confirm this for me?

thanks,
dean


________________________________________________
Get your own "800" number
Voicemail, fax, email, and a lot more
http://www.ureach.com/reg/tag

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.