Security Basics mailing list archives

Re: Instant Messaging hash values

From: "Gaddis, Jeremy L." <jeremy () linuxwiz net>
Date: Mon, 08 Aug 2005 20:23:22 -0500

Netops wrote:

    I think that this would be to hard to maintain, why not simple block
the type of traffic on the firewall or proxy server.


Ever tried to block IM traffic at the firewall?  Most of these Instant
Messaging applications are very port agile.  If there's an open port
through your firewall, these apps will find it.

It's easy to detect on an IDS or sniffer, but that's being reactive, not
proactive.

-j

-- 
Jeremy L. Gaddis     <jeremy () linuxwiz net>

"If it's not on fire, it's a software problem."

Current thread:

Instant Messaging hash values Nick Duda (Aug 05)
- Re: Instant Messaging hash values Dave Aronson (Aug 08)
- Re: Instant Messaging hash values Netops (Aug 08)
  - Re: Instant Messaging hash values Gaddis, Jeremy L. (Aug 10)
- Re: Instant Messaging hash values David Siles (Aug 15)
- <Possible follow-ups>
- RE: Instant Messaging hash values Nick Duda (Aug 10)
- RE: Instant Messaging hash values Robinson, Sonja (Aug 10)
  - Re: Instant Messaging hash values Ayaz Ahmed Khan (Aug 10)
  - RE: Instant Messaging hash values David Gillett (Aug 10)
    - Re: Instant Messaging hash values NewYork User (Aug 12)
- RE: Instant Messaging hash values Keith Bucher (Aug 12)