• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

IM Blocking

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> HTTP Filtering >> IM Blocking Page: [1]
Login
Message << Older Topic   Newer Topic >>
IM Blocking - 19.Oct.2007 10:57:53 AM   
jscroggins

 

Posts: 3
Joined: 31.May2007
Status: offline
I know you can't block everything out there but what can I do to block the majority of IM clients ie. MSN, Yahoo, AOL etc...  We use ISA 2004.
Post #: 1
RE: IM Blocking - 19.Oct.2007 8:29:27 PM   
royh

 

Posts: 318
Joined: 23.Feb.2007
From: Lebanon
Status: offline
Hi,
 
Check the following article to block MSN messenger access:
 
http://www.isaserver.org/tutorials/ISA-Firewall-Quick-Tip-Blocking-MSN-Messenger-Access-Enabling-Access-Some-Users.html
 
and the following site for some common applications signatures
 
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/commonapplicationsignatures.mspx
HTH,
Roy

_____________________________

Roy Haddad,M.Sc
CCNA, MCSE 2003 Messaging & Security,C|EH
www.foxminds.com

(in reply to jscroggins)
Post #: 2
RE: IM Blocking - 7.Nov.2007 6:48:26 PM   
hrugama

 

Posts: 12
Joined: 6.Oct.2007
Status: offline
Hello,

I been trying to block IM programs using the tutorial Mr. Shinder has posted, great post but no luck. My scenario is very simple, I have 3 network that are managed by the ISA;WIFI, Computer Labs and the Internal network, where I want to block IM programs is on the CL and internal networks.

Everytime I configure the ISA to block IM requests, the Logging tab show that traffic is been blocked but the IM clients are still able to initiate session.

I don't know what I am doing wrong, but somehow it's proven that traffic is passed by ISA.

Could you please give me some help, about this issue?

Best regards,

_____________________________

Harold Rugama

(in reply to royh)
Post #: 3
RE: IM Blocking - 11.Nov.2007 7:02:36 PM   
royh

 

Posts: 318
Joined: 23.Feb.2007
From: Lebanon
Status: offline
Hi,

You have to stop the IM applications by their signatures. Use the HTTP filtering in your allow rule to do it.

Refer to the following sites for more IM signatures

http://forums.microsoft.com/ForeFront/ShowPost.aspx?PostID=2348677&SiteID=41

and

http://forums.isaserver.org/HTTP_Signatures_-_NO_QUESTIONS_-_JUST_SIGNATURES_PLEASE/m_2002015478/tm.htm

Thanks -


_____________________________

Roy Haddad,M.Sc
CCNA, MCSE 2003 Messaging & Security,C|EH
www.foxminds.com

(in reply to hrugama)
Post #: 4
RE: IM Blocking - 12.Nov.2007 10:23:12 AM   
hrugama

 

Posts: 12
Joined: 6.Oct.2007
Status: offline
Hello,

Thank you for you reply, I have checked you link and they have given me more information in how to solve to this. Thanks God and you guys I have finally blocked the Messenger 7.5 and Yahoo messenger!!!, but now I have some extra problem the new msn live messenger has a different signature!, any idea how to create a rule to block the new release of this messenger?

Unfortunately, for some reason now the users that want to check their e-mail through using hotmail.com and yahoo.com are unable to load the mail interface. Is the signature and HTTP content type filter applied has something to do with this new problem?

Comments and suggestion, are welcome.

Cheers,

Harold

(in reply to royh)
Post #: 5
RE: IM Blocking - 12.Nov.2007 5:18:19 PM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
Hi,

have u checked the link that Royh gave to you  : http://forums.isaserver.org/HTTP_Signatures_-_NO_QUESTIONS_-_JUST_SIGNATURES_PLEASE/m_2002015478/tm.htm

it contains the signatures of the different versions of MSN.

what is the build of the msn that u r trying to block ?

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to hrugama)
Post #: 6
RE: IM Blocking - 12.Nov.2007 5:26:23 PM   
hrugama

 

Posts: 12
Joined: 6.Oct.2007
Status: offline
Hello

Thank you for you reply, my apoligies for the overlook, now I understand. The version I want to block is 8.1 (build 8.1.0178.00). So I can assume that 8.1 8.1.0178.00 is the new signature?.

One other thing, my users are unable to check their webmail of hotmail.com and yahoo.com for some reason. Any ideas?

Best regards,

(in reply to elmajdal)
Post #: 7
RE: IM Blocking - 12.Nov.2007 7:35:46 PM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
Hi,

build 8.1.0178.00 , then signature is : 8.1.178.0

HTH,
Tarek

_____________________________

Tarek Majdalani

Windows Expert - IT Pro MVP
Facebook : https://www.facebook.com/ElMajdal.Net

(in reply to hrugama)
Post #: 8
RE: IM Blocking - 13.Nov.2007 4:38:52 PM   
hrugama

 

Posts: 12
Joined: 6.Oct.2007
Status: offline
Hello,

Thank you for your reply to my last message. At the end, I was able to block the messenger the yahoo and msn messenger with and with out the proxy server confguration. So, I was really happy and ready to deploy my configuration but unfortunately, I run some other test just to make sure that everything was OK.

And I discovered that clients on the Internal network were the messenger client filter was applied were experiencing problems using Outlook to download and send e-mails.... (SMTP& POP3). I don't know why.... I have checked the rules and just after I applied the filter for the messenger clients, the SMTP and POP3 protocolos are being blocked by the ISA Firewall... you guys have any ideas in how to solve this problem?

Cheers,

Harold

(in reply to elmajdal)
Post #: 9

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> HTTP Filtering >> IM Blocking Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts