[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] Blocking IM applications
Hi Gurus, I was looking the email history but I couldn't find a message where someone asked about blocking IM applications, so I'll use this email to give a suggestion about how to do it. This was suggested by a customer and I didn't test it. Unfortunately does not use the firewall, but any traffic control device you might have on your network (packeteer, floodgate, etc...) The idea is to timeout the application connection, and not to block it. If you leave a small amount of band for it to do a three way handshake to the IM servers but not enough to establish a connection, they will try forever to connect without success and won't change ports because they are allowed to go through the firewall. You can use the firewall logs to identify witch ports this applications are using and go for it! Sounds to me like a very good way to go. Daniel Accioly Rosa CCSE CISSP ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|