Blocking is possible ? (Full Version)

All Forums >> [ISA Server 2004 Firewall] >> Access Policies



Message


m.abidkh -> Blocking is possible ? (12.May2010 11:59:58 AM)

Good Day,

I am using ISA 2004 Standard Edt. I just want to Block Google talk and Windows live messenger. I read many posts plus searched on the internet regarding blocking google talk and msn messenger, But in doing so I did not found any solution which worked for me. I tried to block windows messenger through http signature, but its working.

I saw windows messenger signature from here,
(Common Application Signatures:
http://technet.microsoft.com/en-us/library/cc302520.aspx
( Location:Request headers, Http header: "User-Agent:"
Signature: MSMSGS ).

Dont know exactly about google talk signature but maybe it uses port 5222. Also I want to block the chat which appears, when we sign in to any gmail account. I know its hard, because some of the gmail account uses https.

But, I am sure that some one might have block google talk or Windows messenger using ISA, so please can any one tell me in easy way what are the actions to perform to block both of these messengers. Clients are secure nat and Firewall clients.

Thanks & Regards,
Muhammad.




lsjames -> RE: Blocking is possible ? (12.Jun.2010 11:57:44 PM)

Topics about blocking google talk and blocking windows live messenger.




happyhacker81 -> RE: Blocking is possible ? (16.Jul.2010 11:32:32 AM)

you can easily done by using Configure HTTP policy for your rule ... just Righ Click )on Rule)>Configure HTTP .. then go to Signatures Tab and Add your desired IM which you want to block .... here below is Sig values for some IMs.

Yahoo Messenger
============
Search in: Request headers
HTTP header: Host
Signature: msg.yahoo.com

-----------------------

Gtalk
====
Search in: Request headers
HTTP header: User-Agent:
Signature: Google Talk

---------------------
Window Live Messenger
============

Search in: Request headers
HTTP header: User-Agent:
Signature: Windows Live Messenger

you can also find other IM sig by using pack sniffer program like as wireshark ...

cheers!!!!




Page: [1]