Re: [FW-1] SmartDefense and IM applications

[Ray]

You can't do it. SmartDefense is an all-or-nothing feature. Hopefully this
will change in a future version. Microsoft just released a KB on blocking
MSN and they said to drop TCP 1836 (Ithink it was) and also block
messenger.hotmail.com .

Since all you mentioned was MSN, you might be able to do it that way if you
have all known IPs for the end users.

Ray

From: Juan Andr�s Galav�s <[EMAIL PROTECTED]>
Reply-To: Mailing list for discussion of Firewall-1
<FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM>
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: [FW-1] SmartDefense and IM applications
Date: Fri, 25 Feb 2005 16:50:48 AST

Hello list,

I am running two Nokia IP350 modules IPSO 3.71, Firewall-1/VPN-1 NG with AI
R55, and have the SmartDefense service active. I want to block IM
applications for certain users, but allow them to a select group. If I
enable the Application Intelligence -> HTTP Protocol Inspection -> Peer to
Peer header detection for MSN, all packets are dropped (even the privilege
users with an MSN access allow rule).

I need to block this service (application header inspection included) to
some users, but allow it to a select group. Any ideas?
Thank you.

Cheers! / Saludos!

Juan Andr�s Galav�s

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================