[c-nsp] Firewall Recommendations
Paul Stewart
pstewart at nexicomgroup.net
Thu Aug 18 21:32:01 EDT 2005
Actually thinking about doing that... Thanks for the suggestion..:)
How do you do a regex expression in CBAC? Never done that...
Thanks,
Paul
-----Original Message-----
From: Rolf Mendelsohn [mailto:rolf at cyberops.biz]
Sent: Thursday, August 18, 2005 7:10 PM
To: Wojtek Zlobicki
Cc: Paul Stewart; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Firewall Recommendations
slightly ot:
How about a simple squid proxy for blocking various things.
acl block-msn rep_mime_type -i ^application/x-msn-messenger$
that blocks access to msn - provided the client is using msn, adding
other messenger apps is easy. Aswell as doing various other things.
otherwise perhaps try that regex string for you cbac.
cheers
/rolf
On Thursday 18 August 2005 10:53 pm, Wojtek Zlobicki wrote:
> Have you considred blocking it at Layer 8 ? AKA changing the
> computer policy at work to strictly forbit it. I have also seen
> Windows Active Directory group policies that blocked the app.
>
> On 8/18/05, Paul Stewart <pstewart at nexicomgroup.net> wrote:
> > We are in immediate need (next couple of weeks) of a firewall for
> > our own offices. I'm wondering what everyone's experience has been
> > with the new ASA series from Cisco. Also, any feedback/comparison
> > on Watchguard would be handy....
> >
> > This has been sparked by MSN Messenger blocking on the application
> > level in our offices. We have been trying to block it
> > unsuccessfully with CBAC variations and when we finally found a way
> > to completely block it, half the websites we want to go to can't be
reached....
> >
> > Thanks in advance,
> >
> > Paul Stewart
> > Network Specialist
> > Nexicom Inc.
> >
> > _______________________________________________
> > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
--
Rolf Mendelsohn
Internet Technologies Holdings
Angolan Cell: +244-92-3524981
Angolan Office: +244-2-356110
Namibian Office: +264-61-375484
More information about the cisco-nsp
mailing list