Welcome to ISAserver.org

Ares, Limewire and Morpheus

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2004 General ] >> General >> Ares, Limewire and Morpheus

Page: [1]

Message

<< Older Topic Newer Topic >>

Ares, Limewire and Morpheus - 22.Jun.2008 1:02:56 PM

noddles

Posts: 27
Joined: 21.Apr.2008
Status: offline

Hello Everybody,
i have another problem, i've succesfully blocked ares, limewire and Morpheus sites and their signatures but the problem i have is that the people that have theses programs already installed on their computers, run these programs with ease. The ISA is not bolcking the programs from downloading and searching for files.. Please how can i stop this???? Anyone pls help.....
Thanks.....

Post #: 1

Featured Links*

RE: Ares, Limewire and Morpheus - 24.Jun.2008 10:28:03 AM

Rotorblade

Posts: 845
Joined: 27.Feb.2007
Status: offline

Noddles,

Blocking Gnutella client access is not easy because the ports can change. Generally peer connection occurs on TCP/UDP ports 6346 and 6347 so you would need to define protocol definitions for the above ports and then create a deny access rule in your ISA firewall policy utilizing the defined protocols.

Removing Firewall and SecureNat client access from your end-users will also eliminate access to run the P2P apps and will probably generate some hate mail for doing so.

Purchase third part detection software.

I found that policy is also an effective tool. Stipulating in your acceptable use policy that downloading and or running programs such as Limewire on company networks would most likely result in a RGE (resume generating event!)

HTH

RB

_____________________________

David Melvin
Ohio
MCSE: Security 2003, MCSA:Security 2003

(in reply to noddles)

Post #: 2

RE: Ares, Limewire and Morpheus - 24.Jun.2008 11:53:11 AM

noddles

Posts: 27
Joined: 21.Apr.2008
Status: offline

Hello David!
Thanks for your post, but please can you explain how i can remove firewall and securenat clients from my end users. i've tried the first method (I created a deny rule for a user defined rule for ports 6346 and 6347) and denied access to the internet from the internal network users. It's just the second method that i'm a bit confused on.
Thanks........

(in reply to Rotorblade)

Post #: 3

RE: Ares, Limewire and Morpheus - 24.Jun.2008 12:41:29 PM

pwindell

Posts: 643
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline

Remove the applications you don't want them to use from their machines. Management needs to deal with them if the reinstall them. Public user beatings work pretty well. ISA is not a babysitter.

Remove the users from being Administrators on their machines. A lot of things will not install if you are not logged in as an Admin.

If you have business Applications that won't run without the user being a local Admin then contact the Vendor and see if they have a way to fix that. Sometimes it can be fixed by modifying permissions on certain Folders and Registry entries.

_____________________________

Phillip Windell
www.wandtv.com

(in reply to noddles)

Post #: 4

RE: Ares, Limewire and Morpheus - 24.Jun.2008 12:49:27 PM

Rotorblade

Posts: 845
Joined: 27.Feb.2007
Status: offline

Sure,

If the ISA firewall client is installed on the client machines, goto Add/Remove programs and remove it.
In your ISA firewall policy, make sure that you're requiring authentication in your access rules. This will stop unauthenticated access (SecureNAT clients) from accessing the Internet. Also, make sure that any explicit Internet deny access rules are above any allow Internet access rule in your firewall policy.

HTH

RB

_____________________________

David Melvin
Ohio
MCSE: Security 2003, MCSA:Security 2003

(in reply to noddles)

Post #: 5

RE: Ares, Limewire and Morpheus - 25.Jun.2008 12:25:20 PM