Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: AOL, Yahoo, and Instant Messaging

From: "Stiennon,Richard" <richard.stiennon () gartner com>
Date: Thu, 30 Aug 2001 15:39:38 -0400
From the following citation:


http://www.infosecuritymag.com/articles/february01/cover.shtml

Blocking IM access

Preventing IM traffic from leaving the network is also difficult. Like
Napster, the major IM clients will work quite hard to find a port to exit
your LAN, using HTTP if they have to. AIM needs to connect to the host
login.oscar.aol.com in order to start up, so blocking traffic to this
destination will effectively shut it down. However, at press time, the name
login.oscar.aol. com points to the following IP addresses, according to a
DNS lookup:
205.188.7.172
205.188.7.176
205.188.7.164
205.188.7.168
You'll need to block all of these and check for any new servers on a regular
basis. Yahoo! Messenger can be blocked in a similar way, by killing off
outbound access to the hosts answering to the following names:
msg.edit.yahoo.com
edit.messenger.yahoo.com
csa.yahoo.com
csb.yahoo.com
csc.yahoo.com

Each of the above names resolves out to multiple IP addresses-and, of
course, Yahoo! can add new addresses at any time, making it an ongoing
battle.
MSN Messenger can be blocked by blocking IP access to the Hotmail network
range-64.4.0.0 through 64.4.63.255. Interestingly, this does not seem to
totally block access to Hotmail's Web-based mail service.


-----Original Message-----
From: Shane Black [mailto:shane.black () brokat com]
Sent: Tuesday, August 28, 2001 10:48 AM
To: 'firewall-wizards () nfr com'
Subject: [fw-wiz] AOL, Yahoo, and Instant Messaging



Can someone point me in the right direction on how to block AOL, Yahoo, and
Instant Messaging through a CheckPoint 4.1 FW?  I have it partially blocked
but I am adding each server as an object as I catch it.  Is there an easier
way?
 
 
Thanks,
Shane Black
(678) 533-4713
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: