topic Re: logmein in Network Security

logmein

niro — Mon, 11 Mar 2019 14:11:59 GMT

Is there a way to block logmein on the ASA?

Re: logmein

JORGE RODRIGUEZ — Tue, 11 Nov 2008 22:19:53 GMT

You can try url blocking using mpf

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080940e04.shtml

Re: logmein

niro — Wed, 12 Nov 2008 04:10:59 GMT

Since logmein uses https for their connection (once the client's installed) I guess this answers my question:

Note: HTTPS filtering is not supported on ASA

Re: logmein

JORGE RODRIGUEZ — Wed, 12 Nov 2008 05:06:53 GMT

Correct.. HTTPS is not supportted.

Are you refering to http://www.logmain.com? if so the initial web connection to logmain is not https but http, if there is any hyperlink within the site that is https you cannot load it as you still need to initially connect to main http site.

Just lab this out using mpf and did work perfectly, have a look at attachment fw log highlighted in red, my source host not able to access site.

As for the logmain client install that uses https I believe CSC-SSM content security module can accomplish the block, there is discussion on CSC, ask the question there.

http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Security&topic=Firewalling&topicID=.ee6e1fa&fromOutline=&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.2cc23f5c

Rgds

Jorge

Re: logmein

niro — Wed, 12 Nov 2008 06:54:04 GMT

Thanks Jorge.

I'm actually refering to http://www.logmein.com, and you're right the initial connection is http which is not a problem. However I believe if you already have the client (and I may be wrong) the entire session is https...CSC-SSM probably will be able to do this...I'll give it a try using mpf and see if it works for the client.

Thanks for your response!