Re: Google Talk

popvalores · ‎10-14-2005

The IPS does not block Google Talk. I have investigated that uses the port 5222 and that is a type of Jabber. How can to block this type of messenger?

wsulym · ‎10-17-2005

The jabber signatures detect Jabber activity specifically. Google Talk, may use the same ports but differ enough so that the signatures existing do not fire. I haven't looked at any of the google traffic yet so I can't say for certain.

We'll investigate this an add signatures as appropriate. We will treat this as a lower priority, so you may not see signatures for a couple updates, however, we will look at it.

jeremyarcher · ‎04-11-2007

I'd like to see this signature as well.

norriscr1 · ‎04-12-2007

Agreed. While I think that control of "banned" apps. such as P2P, IM, etc., is best solved with a well written and enforced corporate policy, it's still nice to have the IDS be able to flag violations for us.

For us enforcing the no IM/P2P is not a low priority since it means those no supported apps. are installed and running somewhere on our network. Since they are not suported they are not being kept up to date with patches/fixes and could be vulnerable to attack.

popvalores · ‎04-12-2007

I have a corporative policy. However, it must exist the controls to avoid that the users cannot accede this type of applications or at least to give account me that this use this application or trying. Even so the IPS must support by means of some signature the detection of this application.