Security Basics mailing list archives
Betr.: Blocking IRC Access
From: "Philip Wagenaar" <p.wagenaar () accon nl>
Date: Tue, 18 Nov 2003 09:21:08 +0100
Just blocking ports 6665 to 6669 is not enough. Most IRC servers also support ports like 7777 and some other exotic ports. Best way to block IRC? most workstations only need HTTP access to outside world. Use LOCAL IP's and HTTP proxy with firewall Met vriendelijke groet, Philip Wagenaar AccoN Accountants & Adviseurs ICT Project Bureau Postbus 5090 6802 EB Arnhem The Netherlands tel. +31 (0)26-3842384 fax. +31 (0)26-3630222 mobile: +31 (0)6-25388935 MSN/E-mail: p.wagenaar () accon nl http://www.accon.nl
"Mike" <mjcarter () ihug co nz> 17-11-03 08:46 >>>
Hi All, I'm looking at moving my career towards security, so was interested when I received an email from our security department that stated they would be blocking IRC by closing ports 6665-6669. I would have thought a lot more ports would need to be closed if the secops wanted to completely block IRC. What is the "best" way to disable access to IRC? Block known ports, what ports would need to be blocked? Or just drop packets, how would that be done? We use Cisco equipment and are primarily a win2k 70% winxp 30% site Like I said I'm wanting to move into security, but at the moment I wouldn't even class myself as a novice. Any input I could get from this list will be very much appreciated! Thanks Mike --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ---------------------------------------------------------------------------- ################################################################## Dit e-mailbericht is uitsluitend bestemd voor de geadresseerde. De informatie hierin is vertrouwelijk, zodat het derden niet is toegestaan om daarvan kennis te nemen of dit te verstrekken aan andere derden. Indien u dit e-mail bericht ontvangt terwijl het niet voor u bestemd is, verzoeken wij u contact op te nemen met de afzender en de informatie te verwijderen van iedere computer. Bij voorbaat dank. ================================================================== The information transmitted in this e-mail is intended only for the person or entity to which it is addressed and contains confidential information. Any review, retransmission or other use by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. Thank you. ################################################################## ##################################################################################### This e-mail message has been scanned for Viruses and Content and cleared by MailMarshal ##################################################################################### --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
Current thread:
- Betr.: Blocking IRC Access Philip Wagenaar (Nov 18)