RE: [FW1] ICQ

Wed, 12 Jul 2000 10:16:17 -0700 


Whoops, typo on my part, that should be TCP 4000.

 -----Original Message-----
From:   Scheidel, Greg  
Sent:   Wednesday, July 12, 2000 11:51 AM
To:     'Dwayne Mowers'; 'fw-1-mailinglis'
Subject:        RE: [FW1] ICQ


I recommend that you block:

- any -> any -> UDP 4000 -> drop (the default service port that ICQ uses to
establish a connection to their login servers)

- any -> ICQ_Servers -> any -> drop (ICQ_Servers group based on resolution
of icq.mirabilis.com and defined as 205.188.153.105, 205.188.153.108,
205.188.153.111, 205.188.153.114, 205.188.179.33, 205.188.179.36,
205.188.179.41, 205.188.153.97, 205.188.153.101)

Note that this is not 100% effective, as it is possible that any given
Internet IP address could be a proxy server, and could be proxying from any
service port (21, 23, 25, 80, whatever) to the ICQ service ports & servers.
Things are quickly approaching the point where it will be impossible to use
a firewall to block these types of applications while still allowing general
Internet access.
 
Greg S.

 -----Original Message-----
From:   Dwayne Mowers [mailto:[EMAIL PROTECTED]] 
Sent:   Wednesday, July 12, 2000 10:24 AM
To:     'fw-1-mailinglis'
Subject:        [FW1] ICQ


I know this has probably been a question resolved in the past...can someone
tell me how to block ICQ, theport and settings for the rule base for FW1
SP1, I am new to checkpoint and would appreciate a response.

Thanks!

Dwayne Mowers
CCSA
MAS Consulting


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to