
Messenger Systems

Status
Not open for further replies.

bazcurtis

Technical User
Jul 11, 2001
134
GB
Hi,

Could someone please tell me the best way to block messenger systems at the firewall? Do they use port 80? We would like to block all systems, not just MS Messenger.

Any help most welcome.

Best wishes

Michael
 
I have gone down this path before and here is what I did. I could constantly review all the new ports, protocols, tricks that messenger systems use. This would take a lot of time with administration. We decided to use Akonix Enforcer. This box is cabled to a span port on a switch right inside our FW. It detects P2P protocols and IM traffic. It also updates itself with the latest protocol/port changes (so I have been told). When it detects such traffic, it sends a TCP reset packet back to the source host, killing the session, and logs the activity. A popup msg also appears at the client. Very, very slick. With their L7 product, you can create policies allowing certain users IM capabilities or force clients to use a certain IM app. We do not allow IM for compliance reasons, and until our attorney says it's okay, Akonix is the way to go.
 
Can I throw a spanner in the works here?


This nice wee tool will send ANYTHING through port 80 so I'd always say block every port you don't specifically need and run software audits on a regular basis.

Grrrrrr.......

Iain
 
In throwing in a spanner... I'd like to add, depending on the users in your network, many services can be configured to use proxies even if you're only allowing say http (port 80). If someone is skilled they can even parse data through the same port while an httpd is running. I've seen it done a while back with a program called datapipe.c ... I think this would be above and beyond what the original poster wanted to know, but something others might like to know.

sil
 
I was going to say what Segment said.

A lot of UK universities try to block certain software, such as Kazaa etc., and block IM file sending... using a proxy you can get around this.

Your average Joe Bloggs office worker won't know this though, so no need to worry too much :)
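
An added example, not part of any post in this thread: a minimal content check of the kind the replies argue for, showing why a port-80-only rule is not enough. It labels a flow by its first payload bytes rather than by its port; the function names, labels and sample flows are assumptions constructed for illustration.

```python
import re

# First line of a genuine HTTP/1.x request: METHOD SP target SP HTTP/1.x
REQUEST_LINE = re.compile(
    rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS|TRACE|CONNECT) (\S+) HTTP/1\.[01]\r?\n")

def classify_flow(dst_port, first_bytes):
    """Label a client-to-server flow from its port and first payload bytes."""
    m = REQUEST_LINE.match(first_bytes)
    if dst_port == 80 and m is None:
        # Something other than HTTP is riding the allowed port.
        return "non-http-on-80"
    if m and m.group(1) == b"CONNECT":
        # CONNECT asks a proxy for a raw tunnel; 443 is the usual target.
        _host, _, port = m.group(2).rpartition(b":")
        if port != b"443":
            return "connect-tunnel"
    return "ok"

def audit(flows):
    """Return (src, label) for every flow that does not look like plain web use."""
    return [(src, label) for src, port, data in flows
            if (label := classify_flow(port, data)) != "ok"]

# Constructed sample flows: (source, destination port, first payload bytes).
# Addresses and host names come from documentation-reserved ranges.
SAMPLE_FLOWS = [
    ("192.0.2.10", 80, b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    ("192.0.2.11", 80, b"HELLO chat-client 1.0\r\n"),   # constructed non-HTTP opener
    ("192.0.2.12", 8080, b"CONNECT im.example.net:1863 HTTP/1.1\r\n\r\n"),
    ("192.0.2.13", 8080, b"CONNECT www.example.com:443 HTTP/1.0\r\n\r\n"),
]

if __name__ == "__main__":
    for src, label in audit(SAMPLE_FLOWS):
        print(src, label)
```

Traffic that wraps its data in well-formed HTTP requests passes this check, so it complements rather than replaces the default-deny rules and software audits recommended above.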
 