Unless you go to R55W or block all outbound ports except for specific
sources, you probably can't do it. Many of these IM clients negotiate random
high ports if the standard ones won't work, so unless you're very closely
controlling outbound traffic, they'll just slip on through. R55W works
regardless of what port is used, a major difference from R55.

Ray

From: Mateo Cabrera <[EMAIL PROTECTED]>
Reply-To: Mailing list for discussion of Firewall-1
<[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] MESSENGER FILE TRANSFER BLOCK
Date: Fri, 27 Aug 2004 14:20:23 -0300

NO...NO...NO...you don't understand me....!!!


IN A "R55" ENVIRONMENT:

I need to block FILE_TRANSFERs between two MSN clients, client A and client B
(with hotmail.com accounts), ok?
Both clients are located in different locations...ok?
Client A is located behind a firewall.
On the firewall I want to block the FILE_TRANSFER functionality for client A.
I tried to configure a rule base that permits HTTP and MSN_Services_group
except the File_Transfer service.
Later, I checked the P2P-->MSN option in SmartDefense and checked
"Perform strict protocol enforcement".
BUT...BUT...clients A and B continue to transfer the files.
In summary, even if I remove the FILE_TRANSFER service from the rule base, the
file transfer continues.
In the log I saw that all connections use the MSNP service. And if I remove
the MSNP service from the rule, client A can't initiate the session.


?¿?¿?¿?¿?

Remember, in an R55 environment.


Regards, Mateo Cabrera - Technical Support, Security Advisor www.sadvisor.com


-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Girard Moussa
Sent: Friday, 27 August 2004 4:16
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] MESSENGER FILE TRANSFER BLOCK


Well,

To answer your question, if they are on the same LAN segment and do not
pass through a firewall as their gateway, then file transfer cannot be
blocked. Why would you want to block file transfer internally between
users? They can easily share files over the network or via email.

Now as for being able to transfer files with outside users, well, the new
versions of MSN don't even need MSN transfer protocols or any proprietary
protocols. They now tunnel over http and even if you have a proxy in place,
MSN will pick up the settings from IE and tunnel over the proxy. The only
way to block MSN Messenger is at the proxy level if it is aware of MSN
Messenger or at the firewall level via Smartdefense. However, Smartdefense
will stop all MSN related traffic altogether and users would not be even
able to log on to MSN, let alone transfer files.

Girard Moussa




-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Mihai Lupu
Sent: Friday, 27 August 2004 3:12 PM
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] MESSENGER FILE TRANSFER BLOCK


Hello,

Now that I read your message, I think I remember something like this: MSN file transfers don't involve the MSN servers, but only the two PCs (sender and destination); when they are in the same network it is obvious that this doesn't pass through your FW.


Mihai

-----Original Message-----
From: Mateo Cabrera [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 26, 2004 22:27
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] MESSENGER FILE TRANSFER BLOCK

OK, thanks to all.

But my question was because I did try to send a file from one MSN client to
another.

I did configure a rule permitting all services except MSN_File_Transfer and
the transfer did continue to work fine.

The problem was that both MSN clients were in the same internal network, and
somebody told me that the communication between 2 MSN clients in the same LAN
is bypassed by the FW in a second instance. (I don't know if it's true)


Regards, Mateo Cabrera - Technical Support, Security Advisor www.sadvisor.com


-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Mihai Lupu
Sent: Thursday, 26 August 2004 15:22
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] MESSENGER FILE TRANSFER BLOCK


Hi!

The NG-AI version of FW-1 knows the different protocols of MSN, Yahoo and ICQ well (video, file transfer and chat), so you can allow only the protocol that you want. I use this myself and it is OK; I want to allow only chat but nothing else (like file transfer or video); this stuff could be dangerous (file transfer) or resource-consuming (video).

Mihai


-----Original Message-----
From: Mateo Cabrera [mailto:[EMAIL PROTECTED]
Sent: Thu 26-Aug-04 19:19
To: [EMAIL PROTECTED]
Cc:
Subject: [FW-1] MESSENGER FILE TRANSFER BLOCK



        HEY GUYS....!!!

        Me and another companion on this forum (Jon Allingham), we have a
        problem blocking the IM File Transfer using SmartDefense.
        Does somebody know how to configure the FW-1 or SmartDefense to use
        the MSN but do not to block the File Transfers function of MSN?
        Thanks a lot.


Regards, Mateo Cabrera - Technical Support, Security Advisor www.sadvisor.com

        =================================================
        To set vacation, Out-Of-Office, or away messages,
        send an email to [EMAIL PROTECTED]
        in the BODY of the email add:
        set fw-1-mailinglist nomail
        =================================================
        To unsubscribe from this mailing list,
        please see the instructions at
        http://www.checkpoint.com/services/mailing.html
        =================================================
        If you have any questions on how to change your
        subscription options, email
        [EMAIL PROTECTED]
        =================================================

