Solved

How To Block Logmein,gotompc

Posted on 2008-10-22
13
3,814 Views
Last Modified: 2013-12-04
Is there a way to block Logmein and Gotomypc?
I'm behind a pix 515 firewall.
Thanks in advance
0
Comment
Question by:proj2005
  • 7
  • 5
13 Comments
 
LVL 42

Accepted Solution

by:
paulsolov earned 500 total points
ID: 22783129
Easiest way to block any of these service without content filtering is by URL since you need to login to the www.logmein.com, www.gotomypc.com, etc...

Setup a local DNS zone on your DNS server
127.0.0.0 logmein.com gotomypc.com

If they can't resolve to logmmein, gotomypc they can't connect

Another way of doing this is to block installation of the executable such as logmien as a group policy or through your Anti-Virus software
0
 

Author Comment

by:proj2005
ID: 22785808
THanks for the quick response.
I'll try the dns concept first.
I'm sure i'll get phone calls but I need to know who is doing this in my eng dept.
0
 
LVL 42

Expert Comment

by:paulsolov
ID: 22786190
If you're going to do this you may want to lockdown the IP settings via GPO.  If a users can pick their own DNS server or add a host entry on their PC it will bypass the DNS zone on the DNS Server
0
 

Author Comment

by:proj2005
ID: 22786433
I was just going to add that I forward dns request to my isp's dns server If I
cant resolve internally
0
 
LVL 42

Expert Comment

by:paulsolov
ID: 22786562
Not sure if that would work since they don't have control over logmein.com.  Internally situated would be the better solution but it's worth a try to contact your ISP to see if you can accomplish this.
0
 

Author Comment

by:proj2005
ID: 22792176
We are consolidating with our corp office next month and my isp will be changing. They do have
Websense but not sure if they're blocking or only allowing certain users that require this.
I'm assuming below is your internal suggestion? I'm not a gpo expert but I've seen executable
options in my default domain policy.

Thanks, you've been providing some very good solutions.

Another way of doing this is to block installation
of the executable such as logmien as a group policy or through your Anti-Virus software
0
Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

 
LVL 4

Expert Comment

by:yurisk
ID: 22796216
If you have firmware of 8.x you may use URL filtering feature that blocks by any part of domain name
0
 

Author Comment

by:proj2005
ID: 22816544
yurisk,
Firmware on what applicance?
0
 
LVL 42

Expert Comment

by:paulsolov
ID: 22816712
He's talking about the PIX with the ASDM 8.x
0
 

Author Comment

by:proj2005
ID: 22828406
Hello Experts,
sorry for the delays, so before we move to our corp building which is 11/13/08, I will try the following suggestion:

Another way of doing this is to block installation
of the executable such as logmien as a group policy or through your Anti-Virus software

I guess I better find out what the actual installation executable file is for logmein or gotomypc.
Thanks again



0
 
LVL 42

Expert Comment

by:paulsolov
ID: 22828448
Some anti-virus programs label Logmein and GotomyPC as commercial remote control programs.  If your AV/spyware application can isolate this class of applications you may be able to restrict the install very easily
0
 

Author Comment

by:proj2005
ID: 22831747
I'm using an old treadmicro server protect 5.58
The eliminiation or  denying specific executable via gpo as u suggested is more feasible for me.
Do u know off hand the setup exe files?
Thanks,
0
 

Author Closing Comment

by:proj2005
ID: 31521084
Excellent suggestions and has good knowledge base
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

If you have an ASA5510 then this sort of thing would be better handled with a CSC Module, however on an ASA5505 thats not an option, and if you want to throw in a quick solution to stop your staff going to facebook during work time, then this is the…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now