[FW-1] those darn messengers... (blocking AOL)
The two IP addresses I've discovered for login.oscar.aol.com are:

64.12.161.153
64.12.161.185

At the fw-1 box, add a static route:

On NT: "route -p add 64.12.161.153 mask 255.255.255.255 a.b.c.d"
(where "a.b.c.d" is a dummy IP address or even the external IP of your FW-1 box)

This sends ALL internal AOL-IM logon requests (on all ports) destined for login.oscar.aol.com to the dummy address - they hit the wall and sit there. The client can never log in - eventually stops trying.

Good luck!

- Jeff

> ----------
> From: Dean Bishop[SMTP:[email protected]]
> Reply To: Mailing list for discussion of Firewall-1
> Sent: Friday, February 08, 2002 11:44 AM
> To: [email protected]
> Subject: Re: [FW-1] those darn messengers...
>
> Yes, the problem seems to be that these %#$&@# messenger
> services can get through on port 80.
>
> This means that port blocking is not an option.
> Being pretty inexperienced in fw-1, I am looking to see if
> there is any other way of blocking this type of traffic.
>
> Is there any way on God's green earth the traffic can be
> scanned for content or application type and then blocked based
> on that?
>
> thanks,
> dean
>
> ________________________________________________
> Get your own "800" number
> Voicemail, fax, email, and a lot more
> http://www.ureach.com/reg/tag
>
> ---- On Fri, 08 Feb 2002, Joe Pampel ([email protected]) wrote:
>
> > If you are using the generally recommended explicit-permit type
> > rulebase* you will not have this problem at all. (unless your
> > users are using the http version of AIM I guess.. )
> > You would have to enable the AOL port to get through.. For example
> > I have the opposite problem that you do: Loser that I am, I lost the
> > argument with mgt regarding use of AIM, so now I am trying to get it
> > to work! Even trying an "any any AOL accept" rule did not fix it..
> > incoming messages head for the AOL port but have random source
> > ports. (so they go splat..)
> > PITA. I am not opening ports 1024 - 5000 or whatever so people
> > can chat.
> > I know, I'm a real jerk like that. ;-)
> >
> > <rant>
> > What's the use of a FW when you can send files/virus/trojan etc via AIM?
> > Same problem with Bloomberg mail.. it can send attachments too. & no
> > way to scan them...
> > </rant>
> >
> > * where your rules are basically permitting the traffic you want, and
> > the last rule is any any any drop. (aka 'the cleanup rule') This is
> > IMHO the 'right' way to build a rulebase.
> > YMMV!
> >
> > hth
> >
> > Joe
> >
> > >>> Dean Bishop <[email protected]> 02/08/02 08:31AM >>>
> > Good morning,
> >
> > I have been doing a lot of searching and think that I have
> > come to the correct conclusion that there is currently no way
> > of blocking messenger services such as AIM and MSN Messenger
> > except by blocking access to the IP addresses for their servers.
> >
> > Can someone confirm this for me?
> >
> > thanks,
> > dean
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
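An added example, not part of the original thread: the static-route approach above pins addresses that were looked up by hand, so it stops matching once DNS for login.oscar.aol.com returns different ones. This Python code compares a current list of resolved addresses with the sink routes already installed and reports what to add and what to review; the `route print` layout, the sink address 192.0.2.254 (standing in for "a.b.c.d") and the function names are assumptions.

```python
import ipaddress
import re

# Constructed sample of the "Persistent Routes" section of `route print`
# (column layout is an assumption; adjust ROW to your Windows version).
SAMPLE_ROUTE_PRINT = """\
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
    64.12.161.153  255.255.255.255       192.0.2.254       1
     198.51.100.7  255.255.255.255       192.0.2.254       1
         10.9.0.0      255.255.0.0          10.1.1.1       1
"""

IP = r"(\d+\.\d+\.\d+\.\d+)"
ROW = re.compile(rf"^\s*{IP}\s+{IP}\s+{IP}\s+\d+\s*$")
HOST_MASK = "255.255.255.255"


def persistent_sink_routes(route_print_text, sink):
    """Return destinations of persistent host (/32) routes that point at the sink."""
    found, in_section = set(), False
    for line in route_print_text.splitlines():
        if line.strip().lower().startswith("persistent routes"):
            in_section = True
            continue
        m = ROW.match(line) if in_section else None
        if m and m.group(2) == HOST_MASK and m.group(3) == sink:
            found.add(m.group(1))
    return found


def plan_routes(resolved, route_print_text, sink):
    """Compare current DNS answers with the installed sink routes.

    resolved: addresses currently returned for the blocked hostname, e.g. from
    socket.gethostbyname_ex(name)[2]; passed in so the example runs offline.
    Returns (commands for missing routes, sink routes no longer in DNS).
    """
    wanted = {str(ipaddress.IPv4Address(a)) for a in resolved}  # rejects bad input
    have = persistent_sink_routes(route_print_text, sink)
    order = ipaddress.IPv4Address
    add = [f"route -p add {ip} mask {HOST_MASK} {sink}"
           for ip in sorted(wanted - have, key=order)]
    # Not deleted automatically: a sink route may be blocking another service.
    review = sorted(have - wanted, key=order)
    return add, review


if __name__ == "__main__":
    print(plan_routes(["64.12.161.153", "64.12.161.185"],
                      SAMPLE_ROUTE_PRINT, "192.0.2.254"))
```
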