NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] blocking Instant Messaging (AOL's AIM) us



(F/W: 4.1 sp4)
 
In the August issue of information security magazine, they have a great article on Instant messaging.  Unfortunately they didn't tell me anything new :(  I have been trying to block IM off and on...but this article re-energized me.  Here are the steps I have take so far in an attempt to block AOL's AIM
 
Currently Blocking:
5190 tcp/udp
4443 tcp/udp
All traffic to login.oscar.aol.com (which is 64.12.x.x)
 
I've tried these rules:
 
Internal network     login.oscar.aol.com    tcp/udp 53 tcp/udp 4443 tcp 5190 http/s     drop    long
*Nice...it's using the DNS port, this thing is like a Trojan, it will actually scan for open ports
 
Internal Network    login.oscar.aol.com      ANY    drop long
 
What am I missing?  Is there any reason a reverse rule is needed? 
 
Any info is appreciated,
 
-AD


 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.