[c-nsp] PIX Question

Josh Duffek consultantjd16 at ridemetro.org
Fri Mar 4 11:17:35 EST 2005


Just block all traffic destined to messenger.msn.com.  Other
applications might not be so easy so I guess it would be a case by case
type thing for those.

Got a list?

Thanks,

josh duffek    network engineer
consultantjd16 at ridemetro.org

> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Paul Stewart
> Sent: Friday, March 04, 2005 10:11 AM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] PIX Question
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Can a Cisco PIX be used to block application specific traffic such as
> MSN Messenger?  I am looking for Cisco based options to control which
> applications an office can use via a PIX... some applications are easy
> as we can just block ports etc. however MSN for example will drop to
> 80/tcp I believe and we don't want to block http...
> 
> Is there a better device than the PIX or something that we can add to
> it? We basically want to list specific applications and protocols that
> *can* be used and deny everything else...
> 
> To make it more complicated, is there a way to allow certain users
> specific rights?
> 
> Any practical experience in implementing this preferably with Cisco
> related software/hardware would be of great assistance.. we have a PIX
> in one of our offices that is basically a glorified NAT box at this
> time..:)
> 
> Thanks for your time,
> 
> Paul
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.0 (MingW32)
> 
> iD8DBQFCKIilqMetgU57IuQRAtGNAJ9+EbJNE8y19weNoVfgOaRO63BpyACgi8+w
> 2nyq2IPzLN2KP6cQIjlSAXM=
> =CwUE
> -----END PGP SIGNATURE-----



More information about the cisco-nsp mailing list