That's pretty much correct as far as R55 and earlier. At the Interspect demo, the CP folks said Interspect can block P2P stuff (and I *think* they mentioned IM, but am not sure) regardless of the port used.
This capability is supposed to be added to FW-1 as well, hopefully in the forthcoming R55W release.
This article, sk21553, is titled "How to stop Instant Messenger from using HTTPS" and discusses how to change FW-1 to use the SSL v3 service instead of the more generic HTTPS service, which will drop IM.
Methinks you would have a rule to allow SSL v3 followed immediately by one that drops HTTPS. I'm not sure what other applications that might break, but it sure would be worth knowing aboiut them.
Ray
From: "Covington, Chris" <[EMAIL PROTECTED]> Reply-To: Mailing list for discussion of Firewall-1 <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: [FW-1] how to block MSN messenger with R54 or R55 Date: Tue, 11 May 2004 12:03:41 -0400
So does everyone who blocks these messenger services also block outgoing SSL? My assumption was that you can only block messenger services if the only available outgoing port is 80.
Chris
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
_________________________________________________________________ Is your PC infected? Get a FREE online computer virus scan from McAfee� Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
