Re: How do i block google talk on a Firewall ?

From: EDL (r.s.cciestudy@gmail.com)
Date: Thu Jan 24 2008 - 16:39:59 ARST

• Next message: Mike Stout: "Re: Access-List Logging Rate Limit"
• Previous message: John: "test"
• Maybe in reply to: Vinu: "How do i block google talk on a Firewall ?"
• Next in thread: Vinu: "Re: How do i block google talk on a Firewall ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Results from a quick search on google.com
+++++++++++++++++++++++++++++++++

Blocking Google Talk in your Organization
Recently I had an issue of Blocking Google Talk service for the organization
I work.

In Google Talk Developer Info: it was told that the Google Talk service runs
at url: talk.google.com at port 5222. Tracert revealed that talk.google.com
points to talk.l.google.com @ 209.85.137.125.

But: Blocking 209.85.137.125 at port 5222 does not block Google Talk
service.

Then I used WildPackets.com's OmniPeek Personal Edition to probe out a
packet level analysis.

Google Talk uses Port 80, Port 443 and Port 5223 other than Port 5222 for
its communication purposes. Worst of all: Google Talk connects to
216.239.37.125, 72.14.253.125 and 72.14.217.189 other than 209.85.137.125.
It connects to Ports 5222, 5223, 443 and 80 in all the cases.

Blocking all these 4 addresses blocks Google Talk at both Browser and Talk
Client. Note: This does not disable Google mail.

Bottom line: Block access to 216.239.37.125, 72.14.253.125, 72.14.217.189
and 209.85.137.125 on ports 80, 443, 5222 and 5223.

Note1: This is one of the measures to Block Google Talk. Meebo has an option
wherein one can logon to any IM network., including Google, MSN and Yahoo!.
So does Kool IM, eBuddy and ILoveIM. So you got to block these sites too if
you want to curb IM misuse.

Note2: Geeks will get on a workaround like using an SSH Tunnel using puTTY,
public proxies, TOR, etc., In order to circumvent this., so you got to use
thirdparty traffic shapers like Akonix IM Control, Websense, etc., that
sniff out Jabber traffic and prevent usage of proxies.

Note3: If you want to Block File Transfers alone in Google Talk: Block Ports
20 and 21.

Note4: This blocks Google Talk Gadget too !!!

+++++++++++++++++++++++++++++++++

----- Original Message -----
From: "Vinu" <vinupeter@gmail.com>
To: "Cisco certification" <ccielab@groupstudy.com>
Sent: Wednesday, January 23, 2008 10:21 AM
Subject: How do i block google talk on a Firewall ?

> Is there any specific port that google talk uses ? need urgent help.
>
> --
> Regards,
>
> Vinu Peter
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Mike Stout: "Re: Access-List Logging Rate Limit"
• Previous message: John: "test"
• Maybe in reply to: Vinu: "How do i block google talk on a Firewall ?"
• Next in thread: Vinu: "Re: How do i block google talk on a Firewall ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Feb 01 2008 - 10:38:01 ARST