From: Jason Madsen (madsen.jason@gmail.com)
Date: Sat Jan 26 2008 - 14:53:39 ARST
In addition to manually blocking Google Talk ports and IP addresses, you may
want to look into NBAR and see if its supported there. If your networking
device doesn't have Google Talk listed as an option, it may be downloadable
at Cisco's site. Just an idea. I believe NBAR does traffic management
(restricted in some manner, policed, or blocked etc.) at layer 7 / the
application layer.
Jason
On Jan 25, 2008 12:35 AM, Vinu <vinupeter@gmail.com> wrote:
> Thanks for that......it is really helpful
>
> On Jan 24, 2008 10:39 PM, EDL <r.s.cciestudy@gmail.com> wrote:
>
> > Results from a quick search on google.com
> > +++++++++++++++++++++++++++++++++
> >
> > Blocking Google Talk in your Organization
> > Recently I had an issue of Blocking Google Talk service for the
> > organization
> > I work.
> >
> > In Google Talk Developer Info: it was told that the Google Talk service
> > runs
> > at url: talk.google.com at port 5222. Tracert revealed that
> > talk.google.com
> > points to talk.l.google.com @ 209.85.137.125.
> >
> > But: Blocking 209.85.137.125 at port 5222 does not block Google Talk
> > service.
> >
> > Then I used WildPackets.com's OmniPeek Personal Edition to probe out a
> > packet level analysis.
> >
> >
> > Google Talk uses Port 80, Port 443 and Port 5223 other than Port 5222
> for
> > its communication purposes. Worst of all: Google Talk connects to
> > 216.239.37.125, 72.14.253.125 and 72.14.217.189 other than
> 209.85.137.125.
> > It connects to Ports 5222, 5223, 443 and 80 in all the cases.
> >
> > Blocking all these 4 addresses blocks Google Talk at both Browser and
> Talk
> > Client. Note: This does not disable Google mail.
> >
> > Bottom line: Block access to 216.239.37.125, 72.14.253.125,
> 72.14.217.189
> > and 209.85.137.125 on ports 80, 443, 5222 and 5223.
> >
> > Note1: This is one of the measures to Block Google Talk. Meebo has an
> > option
> > wherein one can logon to any IM network., including Google, MSN and
> > Yahoo!.
> > So does Kool IM, eBuddy and ILoveIM. So you got to block these sites too
> > if
> > you want to curb IM misuse.
> >
> > Note2: Geeks will get on a workaround like using an SSH Tunnel using
> > puTTY,
> > public proxies, TOR, etc., In order to circumvent this., so you got to
> use
> > thirdparty traffic shapers like Akonix IM Control, Websense, etc., that
> > sniff out Jabber traffic and prevent usage of proxies.
> >
> > Note3: If you want to Block File Transfers alone in Google Talk: Block
> > Ports
> > 20 and 21.
> >
> > Note4: This blocks Google Talk Gadget too !!!
> >
> > +++++++++++++++++++++++++++++++++
> >
> >
> >
> > ----- Original Message -----
> > From: "Vinu" <vinupeter@gmail.com>
> > To: "Cisco certification" <ccielab@groupstudy.com>
> > Sent: Wednesday, January 23, 2008 10:21 AM
> > Subject: How do i block google talk on a Firewall ?
> >
> >
> > > Is there any specific port that google talk uses ? need urgent help.
> > >
> > > --
> > > Regards,
> > >
> > > Vinu Peter
> > >
> > >
> _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> > >
> >
> >
>
>
> --
> Regards,
>
> Vinu Peter
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Fri Feb 01 2008 - 10:38:01 ARST