AIM using port 53 to connect to service (Full Version)

All Forums >> [ISA Server 2000 Cache] >> Web Proxy Client


deyster -> AIM using port 53 to connect to service (15.Oct.2003 7:37:00 PM)

I found out some people are using AIM and it's going out over port 53. It shows in my web proxy log as a ssl-tunnel and is coming from an anonymous user. I have authentication configured, but I do not use "ask unathenticated users for blah blah blah." I configured a site and content rule to not allow anyone to go to and I created to protocol filters to not allow anyone to connect to port 53 on outbound tcp.

I am running a copy of aim on a test box and I can still connect. I read through Tom's article and made a couple of changes that can help if you only use the web proxy client and not a firewall client. Going to the firewall client is NOT an option for us.

I know port 53 is DNS and don't want to block that. Is there anyway to block anyone going to on port 53 without screwing up DNS.

EDIT: It seems that these people are completely bypassing our ISA server also.

TIA for your help.


[ October 15, 2003, 07:43 PM: Message edited by: deyster ]

sniper -> RE: AIM using port 53 to connect to service (27.Oct.2003 5:57:00 PM)


Have you tried making a destination set that will restrict the connection. Other option is resove the host to an IP address or range and block TCP connections to it

Page: [1]