|
Posted by Steven L Umbach on August 19, 2005, 12:19 pm
Please log in for more thread options
I believe that you could stop it with ISA 2004 using application filters for
http to stop it from tunneling through port 80 TCP. For those of us with
more conventional firewalls it probably is a matter of trying to track down
the servers it uses which you might be able to track down by examining your
firewall logs. Beyond that you may have to rely on personal firewalls such
as Zone Alarm, Sygate, etc that can block access to the internet based on
application rules. Of course for that to work well the users would have to
be regular users because local administrators could possibly reconfigure or
disable the firewall service. You might also try using Group Policy.
Windows XP Pro can use Software Restriction Policies that are very effective
at controlling what applications a user can run or install on their
computer. Windows 2000 can blacklist applications though if the user has the
ability to rename the executable they could work around the blacklist. See
the links below for more details if interested. --- Steve
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/rstrplcy.mspx
http://support.microsoft.com/default.aspx?scid=kb;en-us;323525
http://www.technobabble.com.au/technobabble/html/tweaks/Group%20Policy%20Registry%20Editor.htm
> Anyone succesful in blocking MSN messenger? I need to block it, and my
> Watchguard Firewall does not have the option. I also know MSN messenger
> will try all sorts of ports, including port 80. Looking for suggestions.
> Is it all based on blocking the domain names of the login servers? What
> are all of them? Any help would be appreciated. Thanks.
>
> Todd
>
| 
XML Sitemap