To block MSN Messenger (what you are calling hotmail messager), you must either know all the IP addresses that MS will use for this (all of loginnet.passport.msn.com) and be willing to change them every time MS makes changes (which is frequently) or you must use an HTTP proxy. Other options include other application firewalls, but we can ignore them for now. Do you let all your clients surf the web directly? If so, then you probably will have to opt for the blocking of all the IP addresses. Please note that this will also break Hotmail and any other Passport related websites. HTH- -GS
-----Original Message----- From: Frédéric Poulet [mailto:pofrederic@yahoo.fr] Sent: Thursday, January 29, 2004 3:35 PM To: suse-security@suse.com Subject: Re: [suse-security] hotmail messager
i can, i think so what i must do ?
Pardon this: This electronic message transmission is a PRIVATE communication which contains information which may be confidential or privileged. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. Please notify the sender of the delivery error by replying to this message, or notify us by telephone (877-633-2436, ext. 0), and then delete it from your system.
--- "Sturgis, Grant" <Grant.Sturgis@arraybiopharma.com> a écrit : > To block MSN Messenger (what you are calling hotmail messager), you must either know all the IP
addresses that MS will use for this (all of loginnet.passport.msn.com) and be willing to change them every time MS makes changes (which is frequently) or you must use an HTTP proxy. Other options include other application firewalls, but we can ignore them for now.
Do you let all your clients surf the web directly?
yes
If so, then you probably will have to opt for the blocking of all the IP addresses. Please note that this will also break Hotmail and any other Passport related websites.
ok but how i do it ?
HTH-
-GS
-----Original Message----- From: Frédéric Poulet [mailto:pofrederic@yahoo.fr] Sent: Thursday, January 29, 2004 3:35 PM To: suse-security@suse.com Subject: Re: [suse-security] hotmail messager
i can, i think so what i must do ?
Pardon this:
This electronic message transmission is a PRIVATE communication which contains information which may be confidential or privileged. The information is intended to be for the use of the individual or entity named above. If you are not the intended recipient, please be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. Please notify the sender of the delivery error by replying to this message, or notify us by telephone (877-633-2436, ext. 0), and then delete it from your system.
Yahoo! Mail: votre e-mail personnel et gratuit qui vous suit partout ! Créez votre adresse à http://mail.yahoo.fr
-----Original Message----- From: Sturgis, Grant [mailto:Grant.Sturgis@arraybiopharma.com] Sent: 29 January 2004 22:57 To: Frédéric Poulet; suse-security@suse.com Subject: RE: [suse-security] hotmail messager
To block MSN Messenger (what you are calling hotmail messager), you must either know all the IP addresses that MS will use for this (all of loginnet.passport.msn.com) and be willing to change them every time MS makes changes (which is frequently) or you must use an HTTP proxy. Other options include other application firewalls, but we can ignore them for now.
Do you let all your clients surf the web directly? If so, then you probably will have to opt for the blocking of all the IP addresses. Please note that this will also break Hotmail and any other Passport related websites.
One question is obvious: Are your users subject to a (computer) Acceptable Use Policy (AUP) as part of a contract of employment? If so, and if the restriction of Hotmail Messenger access is a rule set down by management, ask your manager about the possibility of using the AUP to impose a withdrawal of web access for any employees found to use Hotmail Messenger (or similar). Tell employees this is happening, and that you're monitoring network access for abuse of the AUP, and then enforce it a few times to make a hint that you're serious. At all times make sure you're not breaking any privacy laws (or reasonable expectations). I've magnificently failed to restrict MSN (etc.) Messenger access by IP restriction, as the ports change too frequently, so I started to crack down on users. It was _NOT_ a popular move, but it was a reasonable request from my boss so I did it... Tom.
participants (3)
-
Frédéric Poulet -
Sturgis, Grant -
Tom Knight