Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Blocking messenger apps

Status
Not open for further replies.
Sort by date Sort by votes
Upgrading the netscreen to 5.2.0r2.0 gave me the options I needed to block pretty much any instant messenger app
 
Upvote 0 Downvote
Is there any place to download the other OS's? My Support ran out and I never upgraded and I come to find out that there were like 5 updates during the time my support was active and they won't let me grandfather it and get those updates now since my support is up :( Any place to get those?
 
Upvote 0 Downvote
An easer answer would be just put a limit on what protocols you allow out in your policies.And what model netscreen do you have?
 
Upvote 0 Downvote
That would be an easier answer, if things like yahoo and msn weren'ty able to run over port 80 etc. I'm using 5GT's and 25 GT's
 
Upvote 0 Downvote
Hello,
I simply block the netblocks (trust to untrust) being used by known IM Servers (among other things). This policy is at the top of my list and I log it from time to time to document who in the company is violating policy.

Rgds,

John
 
Upvote 0 Downvote
I'm using OS5.0 - upgraded to 5.1 to get the policies to block messenger programs and had several problems - slow downs, Outllok Web Access not working (when Deep Inspection activated), etc. Dropped back to 5.0. Manually added info to block MSN and AOL but need info on Yahoo. If anyone could provide info needed to block Yahoo I will be very grateful. Thanks.
 
Upvote 0 Downvote
The easiest way to block these apps is the following:

(not on the firewall though)

Put entries on your DNS servers that resolve the DNS name of the login servers (like login.aol.oscar.com) to a bogus location (like 127.0.0.1 - localhost).

I know this sounds dopey, but it's remarkably effective, and takes a fairly technical user to get around it. You can also block the login server subnets on the netscreens (addresses can be found on google)... between these two things, no one is going anywhere!

"I would rather have a free bottle in front of me, than a pre-frontal lobotomy..."

-Shrubble
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

meninblack
  • Locked
  • Question
Blocking Attachments - ActiveSync
Replies
0
Views
39
meninblack
meninblack
Mike4CCM
  • Locked
  • Question
ASA 5505 blocking all DNS but OpenDNS
Replies
2
Views
60
cisconooblet
cisconooblet
usfregale
  • Locked
  • Question
ASA Blocking Ports over VPN 1
Replies
4
Views
66
hairlessupportmonkey
hairlessupportmonkey
davy2k
  • Locked
  • Question
blocking File copy on SSG 5 issue
Replies
0
Views
46
davy2k
davy2k
petaverde
  • Locked
  • Question
ISA2006 - Identify client apps
Replies
0
Views
25
petaverde
petaverde

Part and Inventory Search

Sponsor

Back
Top