Blocking software download

[benci]

Hi!
I have a network of about 30 NT4/2000 wks which has a firewall/vpn Sonicwall SOHO-3 installed. I would love to find a way to prevent users from downloading AIM, Morpheus, MSN mesenger etc. I thought that blocking the ports for these programes would be the best solution. I have tried to find these kind of settings on Sonicwall but I don't see anything. I can block certain web pages e.g.

http://www.aol.com

so that users wouldn't be able to download AIM, but this would prevent others from reading their email. Can anybody give me some advice please !?
Thank you

 

[hnd]

Usually you need the Ports
25 for sending Mail
110 for receiving Mail (pop3)
80 for Webbrowsing

For some special services you need special ports.

That means you cannot prevent anybody from downloading Software like AIM, MSN or ICQ but you can prevent from using it.

If you are blocking the Ports for these services you are on a safe side.


hnd
hasso55@yahoo.com

 

[jnicks]

Hi Benci,

Port blocking gotta be there, port blocking is pretty simple and SonicWall adverts say...

ICSA- certified, stateful inspection firewall and support for SonicWALL's IPSec VPN that delivers fast, secure access and is compatible with any manufacturer's IPSec-compliant VPN gateway.

----------------------
later..

Their online demo indicates it is in Access of the http management suite.

http://www.sonicwall.com/products/demo/index.html

called services in stead of prots, tha same thing just to confuse people.

Also confusing is that under rules I did not see any way to start off with DENY ALL, then permit 80, ...

SonicWall tech support ought to, I say ought to, be able to tell you about the setup to deny all.

Good luck.

 

[PcLinuxGuru]

benci check out my FAQ
faq83-3390 Visit

http://www.pcbench.homelinux.net:81/

 

[Grenage]

Instant messengers can go through pretty much any port you like so port blocking doesn't really work for these.