Hi Amy, OK, if you deny the entire logmein.com domain, you *should* be good. Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls > -----Original Message----- > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] > Sent: Sunday, March 12, 2006 8:04 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: OT: Blocking Logmein with Checkpoint > > http://www.ISAserver.org > > Hi Amy, > > From what I can tell, Logmein is another one of those dreaded SSL > tunneled RDPoid applications. > > Most of them can be blocked by denying access to the > negotiation server > that both the client and server much contact before the host to host > communications. You can do a trace and figure that out. Google doesn't > seem to be much help on this one. > > Tom > > Thomas W Shinder, M.D. > Site: www.isaserver.org > Blog: http://blogs.isaserver.org/shinder/ > Book: http://tinyurl.com/3xqb7 > MVP -- ISA Firewalls > > > > > -----Original Message----- > > From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx] > > Sent: Sunday, March 12, 2006 7:49 PM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] OT: Blocking Logmein with Checkpoint > > > > http://www.ISAserver.org > > > > I've been called in by a former employer to help secure > their network. > > They've had an IT department gone wild scenario and the > folks that got > > fired have really done some damage including rootkits, > remote access, > > hidden wireless routers, etc. (that's the short story, the > > long story is > > every companies worst nightmare) > > > > My job is to find a way to block logmein using the Checkpoint > > firewall. > > Anyone have any information handy on this service? I read a > > white paper > > on logmein security but it failed to divulge anything that > I could use > > to block the thing. > > > > Amy > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion > > List as: tshinder@xxxxxxxxxxxxxxxxxx > > To unsubscribe visit > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: tshinder@xxxxxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > >