[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

HOW TO BLOCK FILE TRASFER IN ISA 2004 BUT ALLOW MESSANGER SERVICE

Posted on 2006-06-17
7
Medium Priority
?
1,972 Views
Last Modified: 2008-01-09
Hi,
I am new to ISA 2004 firewall, I want to allow messenger but don't want to use file transfer using messanger. Can any body help me .
0
Comment
Question by:samir_santra
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16927344
MSN uses the following port range (6891-6900 on tcp) for file transfer. try blocking these ports from local host & internal to external
0
 

Author Comment

by:samir_santra
ID: 16928877
This port information is critical. Thank you.

Does all messenger service use the same port range.
Should I apply this on the firewall policy ?
Also can you please guide me how to block this .

Thanks.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16929062
<<<
Containment

Internet or edge facing firewalls should be configured with a default 'Deny' policy and contain 'Permit' policies for only needed services and applications. With respect to the W32.Bropia.J and W32.Bropia.L worms certain MSN Messenger file transfers can be blocked at the Internet firewall by removing any permit rules that allow TCP port 6891-6900 traffic. Note: Blocking TCP ports 6891-6900 will not block MSN Messenger instant messages as they flow over TCP port 1863.
>>>

This range will block most MSN transfers but not necessarily all. The new versions have proxy settings for both http and socks traffic but is a good start.
I would make a new policy for this range and apply a deny for it.

create a new protocol, give it a name, select the port range for outgoing tcp 6891 to 6900 and save it
Create a new access rule, give it a name and select deny, select the new protocol you created, from internal & local host to external, all users.
Apply the policy
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

 

Author Comment

by:samir_santra
ID: 16957686
thanks msn-fle transfer is blocked but still I can send files through yahoo messanger. my requirement is that any messanger should work but all file transfer should be blocked.
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 1000 total points
ID: 16961831
There is no single policy that will cover every messenger.
yahoo file transfer uses this server
filetransfer.msg.yahoo.com

See
http://help.yahoo.com/l/us/yahoo/messenger/messenger7/messenger/messenger-02.html

Create a deny rule to this url
0
 
LVL 8

Expert Comment

by:charan_jeetsingh
ID: 16967201
for your particular purpose you will require to do some study,

Either you search all the messenger sites and lok for ports used by them for File transfers or install a sniffer on ur machine and try seeing which ports its using to do that....

Cj
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16981717
Thankyou :)
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question