Re: AOL Instant Messenger

From: Steven L Umbach (n9rou_at_n0-spam-for-me-comcast.net)
Date: 08/24/04


Date: Tue, 24 Aug 2004 03:26:32 GMT

If you know the ports that are used you can implement an IPsec filtering policy to
block those ports using permit and block filter rules. IPsec policies are computer
policies and apply to all users on the computer and can be managed via Group Policy.
You could start with a mirrored block all rule, then add a mirrored permit rule for
the LAN subnet, and then add a mirrored rule with the permitted outbound exceptions
such as ports 80 and 443 TCP for HTTP and HTTPS, 53 UDP for DNS, and any other ports
allowed such as mail and news. This is something you might also be able to do at your
firewall if it can control outbound access, though you may have to create exceptions
for allowed computers which may require that they use static IP addresses. Personal
firewalls such as Zone Alarm can also be very effective at controlling internet
access, though they may require individual computer configuration unless you can import
configuration files. --- Steve

http://www.securityfocus.com/infocus/1559 --- IPsec filtering policy how-to.

"someone" <anonymous@discussions.microsoft.com> wrote in message
news:47f501c4893e$47767620$a301280a@phx.gbl...
> Can somebody help me: What options can I use within the
> Group policy Domain/Local that will allow me to block
> AOL/MSN/Yahoo Instant Messengers. Thanks.
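
The rule layout described in the reply above, as an added example that is not part of the original post. It assumes the `netsh ipsec static` context of Windows Server 2003 and later (Windows 2000 needs the IP Security Policies snap-in or a resource kit tool instead); the policy and filter list names and the 192.168.1.0/24 LAN subnet are hypothetical placeholders.

```batch
@echo off
rem Added example: block-all + permit-LAN + permit-listed-outbound IPsec policy.
rem Names and the subnet are placeholders. Filters are matched most-specific
rem first, so the permit rules win over the block-all rule regardless of order.
setlocal
set POL=Outbound-Restrict
set LANNET=192.168.1.0
set LANMASK=255.255.255.0

rem Create the policy unassigned so a mistake cannot cut off the machine yet.
netsh ipsec static add policy name="%POL%" description="Block all except LAN, web, DNS" assign=no

rem The two filter actions the reply refers to.
netsh ipsec static add filteraction name="FA-Block" action=block
netsh ipsec static add filteraction name="FA-Permit" action=permit

rem 1. Mirrored block-all filter: this computer <-> anywhere, any protocol.
netsh ipsec static add filterlist name="FL-All"
netsh ipsec static add filter filterlist="FL-All" srcaddr=Me dstaddr=Any protocol=ANY mirrored=yes

rem 2. Mirrored permit filter for the LAN subnet.
netsh ipsec static add filterlist name="FL-LAN"
netsh ipsec static add filter filterlist="FL-LAN" srcaddr=Me dstaddr=%LANNET% dstmask=%LANMASK% protocol=ANY mirrored=yes

rem 3. Mirrored permit filters for the allowed outbound ports (srcport 0 = any).
rem    Add mail, news and similar ports here in the same way.
rem    IPsec filters are stateless: each mirror also admits inbound packets
rem    whose source port is 80, 443 or 53, so keep this list short.
netsh ipsec static add filterlist name="FL-Out"
netsh ipsec static add filter filterlist="FL-Out" srcaddr=Me dstaddr=Any protocol=TCP srcport=0 dstport=80 mirrored=yes
netsh ipsec static add filter filterlist="FL-Out" srcaddr=Me dstaddr=Any protocol=TCP srcport=0 dstport=443 mirrored=yes
netsh ipsec static add filter filterlist="FL-Out" srcaddr=Me dstaddr=Any protocol=UDP srcport=0 dstport=53 mirrored=yes

rem Bind each filter list to its action inside the policy.
netsh ipsec static add rule name="R-BlockAll" policy="%POL%" filterlist="FL-All" filteraction="FA-Block"
netsh ipsec static add rule name="R-PermitLAN" policy="%POL%" filterlist="FL-LAN" filteraction="FA-Permit"
netsh ipsec static add rule name="R-PermitOut" policy="%POL%" filterlist="FL-Out" filteraction="FA-Permit"

rem Review the result, then assign the policy to make it active.
netsh ipsec static show policy name="%POL%" level=verbose
netsh ipsec static set policy name="%POL%" assign=yes
endlocal
```

This writes to the local policy store of one computer; a policy with the same rules assigned through a GPO's IP Security Policies node applies to every computer the GPO covers.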


