Posted by Steven L Umbach on August 19, 2005, 3:15 pm
Here is a copy of a reply I recently did for another poster on nearly the
same subject that may be helpful to you also. --- Steve
I believe that you could stop it with ISA 2004 [free to try] using
application filters for HTTP to stop it from tunneling through port 80 TCP.
For those of us with
more conventional firewalls it probably is a matter of trying to track down
the servers it uses which you might be able to track down by examining your
firewall logs. Beyond that you may have to rely on personal firewalls such
as Zone Alarm, Sygate, etc. that can block access to the internet based on
application rules. Of course for that to work well the users would have to
be regular users because local administrators could possibly reconfigure or
disable the firewall service. You might also try using Group Policy.
Windows XP Pro can use Software Restriction Policies that are very effective
at controlling what applications a user can run or install on their
computer. Windows 2000 can blacklist applications, though if the user has the
ability to rename the executable they could work around the blacklist. See
the links below for more details if interested. --- Steve
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/httpfiltering.mspx --- ISA 2004 application filtering.
http://www.microsoft.com/isaserver/evaluation/trial/default.mspx --- ISA 2004 Evaluation Edition.
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/rstrplcy.mspx --- XP Pro SRP
http://support.microsoft.com/default.aspx?scid=kb;en-us;323525 --- GP restrict applications by executable
http://www.technobabble.com.au/technobabble/html/tweaks/Group%20Policy%20Registry%20Editor.htm
> I have many users who are using IM thru ports 80 and 21, which our
> firewalls don't block.
> Is there a policy / GPO to block these (AIM, yahoo and ms IM)
>
> thanks
>
> craig
>