topic Google Talk in Network Security

Google Talk

popvalores — Sun, 10 Mar 2019 09:41:42 GMT

The IPS does not block Google Talk. I have investigated that uses the port 5222 and that is a type of Jabber. How can to block this type of messenger?

Re: Google Talk

wsulym — Mon, 17 Oct 2005 14:13:45 GMT

The jabber signatures detect Jabber activity specifically. Google Talk, may use the same ports but differ enough so that the signatures existing do not fire. I haven't looked at any of the google traffic yet so I can't say for certain.

We'll investigate this an add signatures as appropriate. We will treat this as a lower priority, so you may not see signatures for a couple updates, however, we will look at it.

Re: Google Talk

jeremyarcher — Wed, 11 Apr 2007 20:51:09 GMT

I'd like to see this signature as well.

Re: Google Talk

norriscr1 — Thu, 12 Apr 2007 10:46:45 GMT

Agreed. While I think that control of "banned" apps. such as P2P, IM, etc., is best solved with a well written and enforced corporate policy, it's still nice to have the IDS be able to flag violations for us.

For us enforcing the no IM/P2P is not a low priority since it means those no supported apps. are installed and running somewhere on our network. Since they are not suported they are not being kept up to date with patches/fixes and could be vulnerable to attack.

Re: Google Talk

popvalores — Thu, 12 Apr 2007 14:06:18 GMT

I have a corporative policy. However, it must exist the controls to avoid that the users cannot accede this type of applications or at least to give account me that this use this application or trying. Even so the IPS must support by means of some signature the detection of this application.