Re: [FW-1] those darn messengers...

[Neil De La Cruz <neil@FW1-NOSPAMAPPLIEDNETSYS.COM>]

login.oscar.aol.com has a lot more than two IPs.

use the GET ADDRESS button in the Net Object Properties with
login.oscar.aol.com in the Name box.  keep hitting this button and writing
down all IPs until you see the pattern repeat itself. (check regularly, too
(like once every two months), as AOL may move/add/change login servers).

then create objects for each of the IPs that you found.  drop them into a
group, and add that group to your rulebase.

i have never been able to successfully block the AIM service by blocking
ports. besides, i think that the user can change the source port to use in
AIM options, anyways.


Regards,
Neil


-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST@beethoven.us.checkpoint.com]On Behalf Of Ron
Brown
Sent: Friday, February 08, 2002 1:44 PM
To: FW-1-MAILINGLIST@beethoven.us.checkpoint.com
Subject: Re: [FW-1] those darn messengers...


That's pretty much what I've found as well..  in the case of AOL IM,
I blocked all outbound traffic to the two IP addreses for
login.oscar.aol.com,
fired up an AIM client on a workstation and told it to "find a way around
the firewall".
It tried pretty damn hard, but was unable to connect.

Ron

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        Ron Brown
        Midrange Systems Specialist     Maine Medical Center
        Firewall/VPN Administrator      Information Services
        Voice:420 Cumberland Avenue
        FAX:Portland, Maine 04101
        Email:  brownr@mmc.org
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

>>> gprs@UREACH.COM 02/08/02 08:31AM >>>
Good morning,

  i have been doing alot of searching and think that i have
come to the correct conclusion that there is currently no way
of blocking messenger services such as AIM and MSN Messenger
except by blocking access to the IP addresses for their servers.

  Can someone confirm this for me?

thanks,
dean


________________________________________________
Get your own "800" number
Voicemail, fax, email, and a lot more
http://www.ureach.com/reg/tag

=================================================
To set vacation, Out Of Office, or away messages,
send an email to LISTSERV@lists.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner@ts.checkpoint.com
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to LISTSERV@lists.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner@ts.checkpoint.com
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to LISTSERV@lists.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner@ts.checkpoint.com
=================================================