Re: [FW-1] AIM
Thanks everyone for your time and input! I have several solutions to work with now :-)

- Jeff

-----Original Message-----
From: Atkinson, Ron [mailto:[email protected]]
Sent: Thursday, January 10, 2002 3:35 PM
To: [email protected]
Subject: Re: [FW-1] AIM

Also remember that if using HTTP as the transport through a proxy in AIM it connects to a different server than login.oscar.aol.com. The configuration lists this server, however actual connections are done to something like aimhttp.oscar.aol.com or httpaim.oscar.aol.com. If anyone is using HTTP (not HTTPS) through a proxy with the latest AIM client look in the logs and you'll see this host listed instead (they even have their own MIME type now too).

If there are any rules in the firewall allowing unauthenticated traffic to 'Any', then AIM can probably find a way through. The only way to really block it then is to block any servers in the .oscar.aol.com subdomain, not just the login server. Blocking by subdomain would be the best, but CheckPoint is pretty horrible at that (they still want to think that everything has single IP addresses). You may have to do a DNS lookup on every IP address that they use and create a group of these hosts to block it.

I also shouldn't have to ask this, but make sure that DNS is not an implied rule. AIM will ride over DNS ports and pass through many firewalls that allow open Internet DNS lookups.

Ron

-----Original Message-----
From: Jeremy Morrill [mailto:[email protected]]
Sent: Thursday, January 10, 2002 1:53 PM
To: [email protected]
Subject: Re: [FW-1] AIM

login.oscar.aol.com resolves to multiple servers. Perhaps creating objects for each server using their IP address and not its DNS name would resolve the issue.

-JRM

-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:[email protected]] On Behalf Of Tice, Jeff (ADM)
Sent: Thursday, January 10, 2002 12:17 PM
To: [email protected]
Subject: [FW-1] AIM

Hi!

Trying to block AOL Instant messenger.

I've created objects for login.oscar.aol.com servers. I've created a rule:

Internal network --> AOL IM login objects --> ANY service - DROP

It seems that when you click "auto configure" on the IM client, it scans ports until it finds one that works - even though the client can't ping the login.oscar.aol.com server....

Any help would be appreciated :-)

Thanks!

- Jeff

Jeff Tice
Director of Technology
Hickory Public Schools
- voice mail
- fax
http://www.hickory.k12.nc.us

=================================================
To set vacation, Out Of Office, or away messages, send an email to [email protected]
in the BODY of the email add: set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options, email [email protected]
=================================================
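Added example, not part of the original thread: one way to act on the advice above to check the proxy logs for any host under .oscar.aol.com and to resolve each name to all of its addresses when building the firewall group. The log format (client IP, method, URL or host:port), the function names and the sample lines are assumptions constructed for illustration.

```python
import re
import socket
from collections import defaultdict

BLOCKED_SUFFIX = "oscar.aol.com"  # subdomain named in the thread

# Constructed sample proxy log lines (assumed format: client method target)
SAMPLE_LOG = """\
10.1.4.22 GET http://aimhttp.oscar.aol.com/hello
10.1.4.22 GET http://www.example.org/index.html
10.1.7.9 CONNECT login.oscar.aol.com:443
10.1.7.9 GET http://LOGIN.OSCAR.AOL.COM.:80/
10.1.9.3 GET http://oscar.aol.com.example.net/
10.1.9.3 GET http://notoscar.aol.com/
"""

def host_of(target):
    """Return the lowercase hostname from a URL or a host:port target."""
    target = re.sub(r"^[a-z][a-z0-9+.-]*://", "", target, flags=re.I)
    host = re.split(r"[/:?#]", target, maxsplit=1)[0]
    return host.lower().rstrip(".")  # drop the trailing root dot

def in_subdomain(host, suffix=BLOCKED_SUFFIX):
    """Match on a label boundary, so notoscar.aol.com is not a hit."""
    return host == suffix or host.endswith("." + suffix)

def find_aim_hosts(log_text):
    """Map each matching hostname to the set of internal clients using it."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 3:
            continue
        client, _method, target = parts[:3]
        host = host_of(target)
        if in_subdomain(host):
            hits[host].add(client)
    return dict(hits)

def build_block_group(hosts, resolver=socket.gethostbyname_ex):
    """Resolve every hostname to all of its addresses for the block group."""
    addresses = set()
    for host in hosts:
        try:
            addresses.update(resolver(host)[2])  # third item: address list
        except OSError:
            continue  # name no longer resolves; nothing to add
    return sorted(addresses)

if __name__ == "__main__":
    found = find_aim_hosts(SAMPLE_LOG)
    for name, clients in sorted(found.items()):
        print(name, sorted(clients))
```

Because a name can resolve to different addresses over time, the resolution step needs to be repeated periodically and the group refreshed.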