gb-users mailing list archive
<-- Chronological -->
Extended
<-- Thread -->

RE: [gb-users] How can I block windows live messenger

More messages from [ Jason Talbot]
To: <gb-users_at_gta_dot_com>
Subject: RE: [gb-users] How can I block windows live messenger
From: "Jason Talbot" <jtalbot_at_omegafi_dot_com>
Date: Tue, 5 Jun 2007 16:54:08 -0400
In-reply-to: <r02020000-215-1049-i386-4F83A1E48CF14F8B8F9D9D5C777E37FF@f eAAlix.gta.com>
References: <003701c7a7ad$03fd4820$3f01a8c0@wmosquera> <r02020000-215-1049-i386-4F83A1E48CF14F8B8F9D9D5C777E37FF@feAAlix.gta. com> 
Will the new feature sets in GB-OS 5.0 work with older hardware such as
GB-1000R?

-----Original Message-----
From: Paul Emerson [mailto:paul_at_gta_dot_com]
Sent: Tuesday, June 05, 2007 4:50 PM
To: wmosquera_at_tecnoav_dot_com.ec
Cc: gb-users_at_gta_dot_com
Subject: Re: [gb-users] How can I block windows live messenger

It is often quite difficult to block IM traffic.  This is mainly
due to various fallback scheme incorporated in the code.  For
example some IM client will use UDP/53 (assigned to DNS) when
all else fails.

One way to deal with the problem, is to block everything except
for the services you allow and use the DNS proxy on the
firewall.  This approach deny everything except for what is
explicitly allowed is probably the best approach but one most
organization don't implement because it generally upsets
people.  Many organization take the opposite approach and allow
nearly everything but try to block service they don't want
used.  This approach makes it difficult to create a truly
effective access policy.

Another approach is to use a bit of human engineering.  That is
create a usage policy which you provide to everyone in the
organization and have them sign that they have read it and
accept it.  Then make sure you log the services that are not
allowed, put filters in place.  Monitor the logs.  Someone
violates the policy, evidenced by the the traffic in the logs,
you then apply the penalty.

Another thing that you will find helpful is the new IPS feature
in GB-OS 5.0 which is due to be released very soon.  There are
IPS policies that detect/drop/reset IM activity such as Skype,
MSN, etc.

Paul


On 6/5/07 at 4:06 PM  wmosquera_at_tecnoav_dot_com.ec wrote:

>Hi forum
>
>
>
>
>
>How can I block Windows live messenger and skype ?
>
>
>
>Regards,
>
>
>
>Wilson Mosquera
>
>TECNOAV
>
>------------------------------------------------------
>To unsubscribe:           gb-users-unsubscribe_at_gta_dot_com
>For additional commands:         gb-users-help_at_gta_dot_com
>Archive:  http://archives.gnatbox.com/gb-users/
>
>
--
Paul Emerson                       Global Technology Associates, Inc.
Tel: +1.407.380.0220               http://www.gta.com/
Fax: +1.407.380.6080               Email: paul_at_gta_dot_com
Mob: +1.407.617.7818               AIM: pje1gta
UK:  +44 020 8123 5661             Skype: pje1gta

------------------------------------------------------
To unsubscribe:           gb-users-unsubscribe_at_gta_dot_com
For additional commands:         gb-users-help_at_gta_dot_com
Archive:  http://archives.gnatbox.com/gb-users/

------------------------------------------------------
To unsubscribe:           gb-users-unsubscribe_at_gta_dot_com
For additional commands:         gb-users-help_at_gta_dot_com
Archive:  http://archives.gnatbox.com/gb-users/
[ Search for messages with a similar subject]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [gb-users] How can I block windows live messenger, Richard Ashley
Next by Date:  RE: [gb-users] How can I block windows live messenger, Jack Daniel
Previous by Thread:  Re: [gb-users] How can I block windows live messenger, Paul Emerson
Next by Thread:  RE: [gb-users] How can I block windows live messenger, Richard Ashley
Indexes:  [Date] [Thread] [All Lists] [Home]
Global Technology Associates, Inc