Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Firewall Wizards: Re: Blocking we browsing completely and allowing only Skype out to the Internet

Re: Blocking we browsing completely and allowing only Skype out to the Internet

From: Ian Mahuron <mahuron_at_gmail.com>
Date: Wed, 24 Oct 2007 07:35:08 -0700

Skype is fairly aggressive when it's looking for open outbound ports
(i.e. not limited to using 80 and 443). I'd lock the firewall down
and use a packet trace to determine its search sequence.

I suspect you could also use URI inspection. Both FW-1 and PIX/ASA
support this. You could also use a proxy. This may help work around
HTTPS.

On 10/23/07, Siju George <sgeorge.ml_at_gmail.com> wrote:
> Hi,
>
> Is anybody doing Something like this on any of their firewalls?
>
> i.e blocking all web browsing and at the same time allowing only skype
> to the outside world?
>
> Could you please let me know how you do that?
>
> Thank you so much
>
> Kind Regards
>
> Siju
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards_at_listserv.icsalabs.com
> https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
>
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Oct 24 2007

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]