Re: [FW-1] Successfully blocking MSN Messenger, how-to?

Subject:	Re: [FW-1] Successfully blocking MSN Messenger, how-to?
From:	Edward Luck <ed.luck AT GMAIL DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Mon, 16 Jan 2006 23:17:27 +1100

SmartDefense can indeed block MSN Messenger, but you need NGX to do it.

Note that it says that MSN won't work unless you specifically allow
the MSN protocol (TCP 1863), which then assumes that the HTTP protocol
will stop attempts to use MSN over it.  I haven't actually confirmed
this, however.

I'm pretty sure Smart
On 1/16/06, Jean-Francois Gobin <gobin AT gobinjf DOT be> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> The problem comes that messenger can also work with http encapsulation.
>
> So, basically, stopping TCP/1863 AND activating smartdefense http
> filtering (you've a list of what's supported).
>
> Also, you'll have to define you client access to outside either as a
> ressource or as something authenticated.
>
> Regards,
> Jean-Francois Gobin
>
>
> On Mon, 16 Jan 2006, Stig Bull wrote:
>
> > Dear list, I have been given the task of blocking MSN Messenger in the
> > office firewall.
> > However, after some rather extensive Googling, I see that this is far
> > more difficult than it appears to be, and the web sites I found with
> > claimed solutions for blocking MSN, simply didn't work.
> >
> > Here's what I've done so far (after Googling):
> >
> > Blocked access to gateway.messenger.hotmail.com, messenger.hotmail.com
> > and webmessenger.msn.com; all traffic, inbound and outbound. I've also
> > blocked port 1863 (TCP, UDP), 6891-6900 (TCP), 5190 (UDP) and 6901
> > (UDP).
> > Still people are able to connect MSN Messenger with no problem at all. I
> > suspect this is because the server's I'm trying to block, have several
> > different IP addresses.
> >
> > I've read that some think the best way is SmartDefense, but I'm not sure
> > if I need a license for it. At least it tells me when I try to update it
> > (NG AI R55 by the way) that SmartDefense updates require a SmartDefense
> > subscription license, so I really haven't looked into it at all.
> >
> > Is there any successfull way of blocking MSN Messenger which really
> > works?
> >
> > --
> > Regards
> >
> > Stig Bull
> >
> > =================================================
> > To set vacation, Out-Of-Office, or away messages,
> > send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your
> > subscription options, email
> > fw-1-owner AT ts.checkpoint DOT com
> > =================================================
> >
>
> - ----------
> Jean-Francois Gobin - Administrateur gobinjf.be
> http://www.gobinjf.be   mailto:gobin AT gobinjf DOT be
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.1 (GNU/Linux)
> Comment: Made with pgp4pine 1.76
>
> iD8DBQFDy3ggkkg3QInH2uURAmxuAJ98iG+C2P0pPaZ+WWEZd6czhCqGEwCfax8y
> RVbjd9CnTj0sQgSp8krU5Ww=
> =gHzS
> -----END PGP SIGNATURE-----
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
>


--
Keep flying, and stay shiny.

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Successfully blocking MSN Messenger, how-to?, Stig Bull Re: [FW-1] Successfully blocking MSN Messenger, how-to?, Jean-Francois Gobin Re: [FW-1] Successfully blocking MSN Messenger, how-to?, Edward Luck <= Re: [FW-1] Successfully blocking MSN Messenger, how-to?, cisco4ng Re: [FW-1] Successfully blocking MSN Messenger, how-to?, Alvaro Gastambide Re: [FW-1] Successfully blocking MSN Messenger, how-to?, cisco4ng Re: [FW-1] Successfully blocking MSN Messenger, how-to?, Stig Bull Re: [FW-1] Successfully blocking MSN Messenger, how-to?, cisco4ng

Previous by Date:	Re: [FW-1] Successfully blocking MSN Messenger, how-to?, Jean-Francois Gobin
Next by Date:	[FW-1] Two IP Ranges, Alvaro Gastambide
Previous by Thread:	Re: [FW-1] Successfully blocking MSN Messenger, how-to?, Jean-Francois Gobin
Next by Thread:	Re: [FW-1] Successfully blocking MSN Messenger, how-to?, cisco4ng
Indexes:	[Date] [Thread] [Top] [All Lists]