Blocking messengers

[Tiger Shark]

Nebulus: No point in using the IDS to drop both sides of the connection, (Yes Snort will do this if the rule is written to do it and there is also a test facility that allows a message to be sent to the two machines I believe - I gotta look into that in a minute..... ), since the client will assume it is dropped at the firewall and allow the alternative connection to take place.

I'm gonna take a look at the message thingy, test it and see what it does. The I might add the message part to a rule for these chat proggies that will be received by the offending user telling them to quit or die...... . I'll see if it works and get back to you all.

Pooh.....

I use a custom version of snort that does not include flexresp therefore it doesn't recognize the react keyword and fails out on the rule....... Also, this used to send a message to the browser rather than a windows messaging message, (which would be real nice), so it is designed to limit web access more than anything else - shame really... I coulda had a lot of fun with my (L)users......

[avenger_jcc]

I simply restrict access to the hosts file, and then add the servers URL to it.
127.0.0.1 www.aol.com <----- repeat for ALL the aol chat servers.
quick buddy is another one to block too since its Javabased.
*shrug* its work, but if your seriously wanting it gone, it works for me.
the kiddies cant access C:\ so they cant get the hosts file...
its not the best way in a open machine, but its how I stopped it.

[avenger_jcc]

I simply restrict access to the hosts file, and then add the servers URL to it.
127.0.0.1 www.aol.com <----- repeat for ALL the aol chat servers.
quick buddy is another one to block too since its Javabased.
*shrug* its work, but if your seriously wanting it gone, it works for me.
the kiddies cant access C:\ so they cant get the hosts file...
its not the best way in a open machine, but its how I stopped it.

[Tiger Shark]

I am in the fortunate position of having extremely unsophisticated users and a firewall that is blocking their attempts. I was just going to add a snotty message for my own amusement and edification.....

As to blocking access to C:...... Wouldn't work in my environment..... Good suggestion for others tho....

[Tiger Shark]

I am in the fortunate position of having extremely unsophisticated users and a firewall that is blocking their attempts. I was just going to add a snotty message for my own amusement and edification.....

As to blocking access to C:...... Wouldn't work in my environment..... Good suggestion for others tho....