Re: MSN Contact Blacklisting

["Jon" <jbistogood () hotmail com>]

I guess you could write a program that acts like a proxy between the msn
client and server.
It would then be easy to filter out certain contacts from the list.

However, the user only has to disable the proxy on the connections tab to
bypass this, plus you would need some programming skills to write the
application in the first place.

Another more advanced option is building a packet sniffing application from
the winpcap libs. I'm not sure how easy it would be to force a packet to be
dropped, but notifying management of messages to unwanted contacts would be
do-able.

Jon
----- Original Message ----- 
From: "Dean" <dispacct () hotmail com>
To: <SECURITY-BASICS () securityfocus com>; <full-disclosure () lists netsys com>
Sent: Monday, May 24, 2004 5:53 PM
Subject: [Full-disclosure] MSN Contact Blacklisting


> Hi All,
>
> I look after a small (20) station network and we are looking for a way to
> centrally control the contact list on MSN of our users.
>
> I have seen commercial products such as iMMarshall but these are far too
> expensive and much too complicated for our needs.
>
> Management want us to create a blacklist of unauthorised MSN contacts to
> prevent certain individuals spending too much time chatting to their
> friends.
>
> Is this possible? How? I realise a whitelist would be a more effective and
> secure solution but we review logs and if we see excessive non-work
related
> traffic to a certain contact, we would like to block it. The work in
> approving each and every contact would be too much bother.
>
> Is this possible through MSN alone or would we need to install some sort
of
> filter to drop packets containing 'blacklistedpersonsaddress () hotmail com'
or
> something?!?
>
> From security point of view I would agree that MSN etc are a risk, they do
> serve a useful purpose in facilitating some of the business that is done
> here. Certainly works to cut down costs on speaking with international
> clients and suppliers. Previously one might make a dozen phonecalls to the
> same supplier chasing terms, stock location, brand, configuration etc etc
it
> can all be done via MSN instantly.
>
> Hence the reason we would like to keep it active, yet block those contacts
> that are not business related. It is only a small proportion of the
> workforce that are abusing the privilege (we do monitor all email/msn
> traffic) and if we could find a solution just to block those contacts,
> management (and as a result me due to the fact they will be off my case
> about it!) will be happy
>
> I especially would like a solution that is transparent to the end users.
>
> If this is not the right place to ask I apologise,  but I have already
tried
> in experts exchange,usenet and had NO answers - not even a hint. If there
is
> an answer already on the web, my google-fu must be very weak.
>
> I was even looking at installing parental controls (!) but again that
would
> mean administering each workstation as opposed to doing it through the
> server.
>
> Kind regards
> Dean
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html