|
Title: How Block all Instant Messaging Post by: hinge on Wednesday 03 June 2009, 01:59:52 pm hello anyone can help me to resolve my problem to how to block all instant messaging to may network.. thank you.. i hope anyone willing to help.. :(
Title: Re: How Block all Instant Messaging Post by: npeterson on Friday 05 June 2009, 01:37:00 am You would need to track down all ports for the IM clients and block them. That could be a lot of work and you could miss some. A better stance for a firewall admin (IMO) is to block all outgoing traffic and only allow traffic you know you want to go out.
To do this you create a rule to block all outgoing traffic (firewall -> outgoing traffic) Source Should be <any> target should be <red> service and protocol should be any. policy action should be deny. Position: Last - Make sure of this one, or else your other rules to allow outgoing traffic will all be denied. You can turn logging on for the rule, but there will be a lot of blocked traffic. This wont block web server based traffic that can pass your proxy though. For that you need to enable the content filter and make sure the "chat" filters are on. Hope this helps Title: Re: How Block all Instant Messaging Post by: hinge on Friday 05 June 2009, 06:06:32 pm Hi! npeterson thank you for giving a time for answer my post. i try to follow your instruction you gave me but all Instant Messaging will still active. itry to ON the CHAT (green) on CONTENT FILTER and itry the CHAT to red sign but it still work the instant messaging. And i try to red sign the chat on URL BLACKLIST then save but its back to green or check sign. how i can work this to red sign? :'( :'( :'( i hope anybody can help me..
Title: Re: How Block all Instant Messaging Post by: medic215 on Tuesday 06 July 2010, 03:25:36 am Not sure if I should be posting this here, but i am having the opposite problem. I just tried implementing Endian 2.4, but if I enable the outgoing firewall I cannot connect to ANY IM servers (Yahoo, AIM, MSN, ICQ, and my internal one). I found that I can get to the internal server using the LAN IP which I didn't have to do before with the older version of Endian, but still cannot connect to any of the others. I can with the older version of Endian with the outgoing firewall on. What gives? I am not seeing in either on e where the IM is specifically allowed or denied.
Title: Re: How Block all Instant Messaging Post by: mrkroket on Wednesday 07 July 2010, 07:33:06 am Hi! npeterson thank you for giving a time for answer my post. i try to follow your instruction you gave me but all Instant Messaging will still active. itry to ON the CHAT (green) on CONTENT FILTER and itry the CHAT to red sign but it still work the instant messaging. And i try to red sign the chat on URL BLACKLIST then save but its back to green or check sign. how i can work this to red sign? :'( :'( :'( i hope anybody can help me.. Try using the Intrusion detection and blocking all chat related HTTP traffic. You must change from alert to block (a red shield). |