Home page logo
/

basics logo Security Basics mailing list archives

Betr.: Blocking IRC Access
From: "Philip Wagenaar" <p.wagenaar () accon nl>
Date: Tue, 18 Nov 2003 09:21:08 +0100

Just blocking ports 6665 to 6669 is not enough.

Most IRC servers also support ports like 7777 and some other exotic ports.
Best way to block IRC? most workstations only need HTTP access to outside world. Use LOCAL IP's and HTTP proxy with 
firewall

Met vriendelijke groet,

Philip Wagenaar

AccoN Accountants & Adviseurs
ICT Project Bureau
Postbus 5090
6802 EB Arnhem
The Netherlands

tel. +31 (0)26-3842384
fax. +31 (0)26-3630222
mobile: +31 (0)6-25388935
MSN/E-mail: p.wagenaar () accon nl
http://www.accon.nl


"Mike" <mjcarter () ihug co nz> 17-11-03 08:46 >>>
Hi All,
I'm looking at moving my career towards security, so was interested when I
received an email from our security department that stated they would be
blocking IRC by closing ports 6665-6669.

I would have thought a lot more ports would need to be closed if the secops
wanted to completely block IRC.

What is the "best" way to disable access to IRC?

Block known ports, what ports would need to be blocked?

Or just drop packets, how would that be done?

We use Cisco equipment and are primarily a win2k 70% winxp 30% site

Like I said I'm wanting to move into security, but at the moment I wouldn't
even class myself as a novice.

Any input I could get from this list will be very much appreciated!

Thanks
Mike



---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 
----------------------------------------------------------------------------


##################################################################

Dit e-mailbericht is uitsluitend bestemd voor de geadresseerde.
De informatie hierin is vertrouwelijk, zodat het derden niet is
toegestaan om daarvan kennis te nemen of dit te verstrekken aan
andere derden. Indien u dit e-mail bericht ontvangt terwijl het
niet voor u bestemd is, verzoeken wij u contact op te nemen met
de afzender en de informatie te verwijderen van iedere computer.
Bij voorbaat dank. 

==================================================================

The information transmitted in this e-mail is intended only for
the person or entity to which it is addressed and contains
confidential information. Any review, retransmission or other
use by persons or entities other than the intended recipient is
prohibited. If you received this in error, please contact the
sender and delete the material from any computer. Thank you. 

##################################################################

#####################################################################################
This e-mail message has been scanned for Viruses and Content and cleared 
by MailMarshal
#####################################################################################

---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to
simplify the management and deployment of PGP and reduce overall PGP costs
by up to 80%.
FREE WHITEPAPER & 30 Day Trial -
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
  • Betr.: Blocking IRC Access Philip Wagenaar (Nov 18)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]