Re: Blocking IRC Access

[getting_out <getting_out () tele2 it>]

hmm, blocking irc. I think it's a very difficult thing to do.
If you have an open port, I can always connect to irc.
For example, in my office there's a firewall that block all ports 
(except needed), but I can still connect by the 80. I simply use an 
HttpTunnel. I can't download file, but I can chat (and it's what I wanna 
do).

I think that a pretty way is to look on which user-agent sends varius 
irc program and then forbit it. Or accept only some type of user-agent 
like IE, Netscape, Mozilla, Opera, etc, etc!
But I can still make a program that get all the communication on local 
host, redirect through the firewall adding (and if needed removing the 
wrong one) user-agent ;)

Tell me on how will you block irc connection. I'm really interested in it.

Bye

On Mon, 2003-11-17 at 14:46, Mike wrote:

>> Hi All,
>> I'm looking at moving my career towards security, so was interested 
when I
>> received an email from our security department that stated they would be
>> blocking IRC by closing ports 6665-6669.
>>
>> I would have thought a lot more ports would need to be closed if the 
secops
>> wanted to completely block IRC.
>>
>> What is the "best" way to disable access to IRC?
>>
>> Block known ports, what ports would need to be blocked?
>>
>> Or just drop packets, how would that be done?
>>
>> We use Cisco equipment and are primarily a win2k 70% winxp 30% site
>>
>> Like I said I'm wanting to move into security, but at the moment I 
wouldn't
>> even class myself as a novice.
>>
>> Any input I could get from this list will be very much appreciated!
>>
>> Thanks
>> Mike



---------------------------------------------------------------------------
----------------------------------------------------------------------------