checkonetwo

Block ports on Logmein and RealVNC

I have 100 PCs to monitor at two sites and I'd like to know if there's a way to audit users that install Logmein and RealVNC. I'd like to block the ports (don't know them yet), but I look at this as a short-term solution since there are several remote apps out there. The users have local domain access as it's required for some of the apps to run.
KGG

Hi there,

Through group policy you can block.

Regards
Hello. If you have an Active Directory domain you can configure Windows Firewall using GPO to block the ports on all PCs.

http://technet.microsoft.com/en-us/library/bb490626.aspx
You can also block the execution of the application on the local PCs.

http://technet.microsoft.com/en-us/library/bb457006.aspx
kaufmed

I don't know if you could just get by blocking the ports as RealVNC allows you to switch the port it listens on. It also has a web interface (Java applet) that can be configured to run on a completely different port (also configurable). You may want to go the application route as enriquecadalso suggested.

I do not know about Logmein. I would imagine it has some configuration options as well.
If you have a firewall in front of the computers, just block all incoming requests.
Those services behave like a server application; if you block all incoming requests you are out of danger.
ASKER CERTIFIED SOLUTION
conductance

This solution is only available to members.
I believe certain hardware firewalls allow you to block traffic at the packet level, do they not?
Package inspection fails if the datastream is encrypted and masked as https traffic.
So, we are back at program installation control.
conductance

Whereas I agree that program installation control is the best option, it is sometimes difficult to achieve in certain environments (schools and ad/media companies in my experience).  There are devices that will do very clever content inspection, including inspecting inside https data streams, and allow you to block applications according to a signature in the data.  Fortinet (www.fortinet.com) are one vendor of these devices.  I use these and they are very good but require fairly complex configuration (and version 4 firmware which has some stability issues) to achieve everything you want.
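
An added example, not part of the original thread: a PowerShell inventory that looks for the two products in each PC's uninstall registry keys, which covers the audit half of the question regardless of which port a tool is configured to listen on. The name patterns, parameter names and the use of PowerShell remoting (WinRM) are assumptions.

```powershell
# Added example: audit PCs for installed remote-access tools via the uninstall registry keys.
# Assumptions: DisplayName contains 'LogMeIn' or 'VNC'; remote PCs have WinRM remoting enabled.
param(
    [string[]]$ComputerName = @($env:COMPUTERNAME),
    [string[]]$NamePattern  = @('LogMeIn', 'VNC')
)

# Runs on each target. Checks the 64-bit and 32-bit machine-wide uninstall hives;
# per-user installs (under each user's HKCU) are not covered here.
$scan = {
    param($patterns)
    $keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
            'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
        Where-Object {
            $name = $_.DisplayName
            $name -and ($patterns | Where-Object { $name -like "*$_*" })
        } |
        Select-Object DisplayName, DisplayVersion, Publisher, InstallDate
}

$results = foreach ($computer in $ComputerName) {
    try {
        if ($computer -eq $env:COMPUTERNAME) {
            $found = & $scan $NamePattern
        } else {
            # (,$NamePattern) passes the array as one argument instead of splatting it.
            $found = Invoke-Command -ComputerName $computer -ScriptBlock $scan `
                         -ArgumentList (,$NamePattern) -ErrorAction Stop
        }
        foreach ($app in $found) {
            [pscustomobject]@{
                Computer    = $computer
                Product     = $app.DisplayName
                Version     = $app.DisplayVersion
                InstallDate = $app.InstallDate
                Error       = $null
            }
        }
    } catch {
        # Record unreachable machines so gaps in the audit are visible.
        [pscustomobject]@{
            Computer = $computer; Product = $null; Version = $null
            InstallDate = $null; Error = $_.Exception.Message
        }
    }
}

$results | Sort-Object Computer, Product | Format-Table -AutoSize
```

Copies that run without being installed leave no entry in these keys, so the inventory complements execution control rather than replacing it.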