Security Basics mailing list archives
SV: Blocking IRC Access
From: Thomas Westlund <thomas.westlund () prioritytelecom no>
Date: Mon, 17 Nov 2003 19:38:01 +0100
Since you in theory can run IRC on any port you want, depending on the configuration of the IRC server of course, just blocking the ports would not let you stop all IRC traffic. I'm not quite shure about cisco equiptment, but FW-1 (and I'm shure a lot of others) lets you make a rule based on a packet matching pattern. This will let you filter out IRC traffic regardless of the port's the session is running on. I've never built a pattern for stopping IRC, but if you google it I'm shure you'll find someone who has. Hope this points you in the right direction :) -- Thomas Westlund Priority Telecom Norway AS -----Opprinnelig melding----- Fra: Mike [mailto:mjcarter () ihug co nz] Sendt: 17.11.2003 08:46 Til: security-basics () securityfocus com Emne: Blocking IRC Access Hi All, I'm looking at moving my career towards security, so was interested when I received an email from our security department that stated they would be blocking IRC by closing ports 6665-6669. I would have thought a lot more ports would need to be closed if the secops wanted to completely block IRC. What is the "best" way to disable access to IRC? Block known ports, what ports would need to be blocked? Or just drop packets, how would that be done? We use Cisco equipment and are primarily a win2k 70% winxp 30% site Like I said I'm wanting to move into security, but at the moment I wouldn't even class myself as a novice. Any input I could get from this list will be very much appreciated! Thanks Mike --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
Current thread:
- Blocking IRC Access Mike (Nov 17)
- Re: Blocking IRC Access J. Bilder (Nov 17)
- Re: Blocking IRC Access Andreas Haugsnes (Nov 17)
- Re: Blocking IRC Access Tim Syratt (Nov 18)
- RE: Blocking IRC Access JM (Nov 18)
- <Possible follow-ups>
- SV: Blocking IRC Access Thomas Westlund (Nov 17)
- Re: Blocking IRC Access getting_out (Nov 19)
- Re: Blocking IRC Access J. Bilder (Nov 17)