Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Blocking Google Talk

From: Victor Williams <vbwilliams () neb rr com>
Date: Thu, 06 Jul 2006 06:19:29 -0500
Maybe don't have to. Can anyone comment on this product: http://verso.com/enterprise/netspective/index.asp or any others like it that supposedly do signature-based controls on data transmissions? Would this be the way to go to blocking Google Talk, Skype, or any other offenders...at least in the interim?
Would seem to me that the issue is just that blocking ports won't help. You at least need something that will examine the SSL handshake (I'm assuming that's how they are doing it...if so, it's going to be different than a browser SSL handshake). That is of course until they change their authentication methods again like Yahoo Messenger likes to do every 8 months or so. 

Oliver Humpage wrote:


On 21/6/06 6:48 pm, "Dale W. Carder" <dwcarder () doit wisc edu> wrote:


Do you really think you can get away with firewalls forever?  Are you
ready for the everything on port 443 internet?


Surely if you need things that locked down, you can install yourself as a CA
on desktops in the organisation, then do MITM SSL proxy filtering much as
you might do port 80 http proxy-filtering now.

Oliver.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards





--
Victor Williams
Network Architect
SSCP, RHCE
vbwilliams () neb rr com


CONFIDENTIALITY NOTICE:
This e-mail transmission and any documents, files or previous e-mail messages attached to it may contain information 
that is confidential, protected by the attorney/client or other privileges, and may constitute non-public information. 
It is intended to be conveyed only to the designated recipient(s) named above. Any unauthorized use, reproduction, 
forwarding, distribution or other dissemination of this transmission is strictly prohibited and may be unlawful. If you 
are not an intended recipient of this e-mail transmission, please notify the sender by return e-mail and permanently 
delete any record of this transmission. Your cooperation is appreciated.


_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: