We have tried to block the AOL messenger networks before but some
useres started users AOL servers in different countries. Of course AOL
doesn't automaticaly search for these other servers so this would be
more effective than trying to block ports. Just hope that your users
dont start asking Google about how to get around it.
> I think even if you block the AOL service, it looks for any open port
and in
> most cases (Port 80) and goes out through that, so you really have to
block
> the ip addresses. I may be wrong .. but if somebody knows for sure...
please
> provide the input. Thanks.
>
> -Raman
>
> -----Original Message-----
> From: ThM [mailto:th.mue AT GMX DOT NET]
> Sent: Tuesday, June 24, 2003 10:39 AM
> To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
> Subject: Re: [FW-1] Need Help - Blocking Instant Messenger ip
Addresses
>
>
> Hi.
>
> The best way is to block the services of instant Messages from
AOL, ... !
> So you dosn´t need to know all ipadresses.
> I think, it is the best and easiest way.
>
> Thomas
>
>
>
> ----- Original Message -----
> From: "Raman Kalla" <RKalla AT HDBROUS DOT COM>
> To: <FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
> Sent: Tuesday, June 24, 2003 3:33 PM
> Subject: [FW-1] Need Help - Blocking Instant Messenger ip Addresses
>
>
> > Hi All,
> >
> > I need to block all traffic of the Instant Message (AOL, Yahoo,
hotmail
> > messenger) for my Internal Network Range (which consists of my user
> > workstations). By using DNS I was able to point all the
workstations to
> one
> > local server on my network and route all Instant message traffic
through
> > that server. But in order to achieve full control so that some
smart user
> > doesn't add a entry of instant messenger servers in his hosts file
and
> > by-pass the DNS, I want to block all the outgoing and incoming
traffic for
> > ip addresses of the instant messenger servers for my internal
Range. I can
> > get all the ip addresses of the messenger servers of yahoo, aol,
hotmail
> by
> > doing nslookup. What would be the best way to block these ip
addresses in
> > Checkpoint NG FP1. Thanks.
> >
> > Raman
> > IMPORTANT NOTICES: The information contained in this electronic
message
> is
> > privileged and confidential information intended only for the use
of the
> > individual(s) named above. Please notify the sender by e-mail if
you are
> > not the intended recipient. If the reader of this message is not
the
> > intended recipient, you are hereby notified that any dissemination,
> > distribution or copying of this communication is strictly
prohibited. HD
> > Brous & Co., Inc. ("Brous") does not accept time sensitive,
> action-oriented
> > messages or transaction orders, including orders to purchase or sell
> > securities, via e-mail. Brous reserves the right to monitor and
review the
> > content of all messages sent to or from this e-mail address.
Messages sent
> > to or from this e-mail address may be stored on the Brous e-mail
system.
> > Such may be produced at the request of regulators. Sender accepts
no
> > liability for any errors or omissions arising as a result of
transmission.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
