| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <BAY9-DAV23RPQIWDO3h000492f3@hotmail.com> From: jbistogood at hotmail.com (Jon) Subject: MSN Contact Blacklisting I guess you could write a program that acts like a proxy between the msn client and server. It would then be easy to filter out certain contacts from the list. However, the user only has to disable the proxy on the connections tab to bypass this, plus you would need some programming skills to write the application in the first place. Another more advanced option is building a packet sniffing application from the winpcap libs. I'm not sure how easy it would be to force a packet to be dropped, but notifying management of messages to unwanted contacts would be do-able. Jon ----- Original Message ----- From: "Dean" <dispacct@...mail.com> To: <SECURITY-BASICS@...urityfocus.com>; <full-disclosure@...ts.netsys.com> Sent: Monday, May 24, 2004 5:53 PM Subject: [Full-Disclosure] MSN Contact Blacklisting > Hi All, > > I look after a small (20) station network and we are looking for a way to > centrally control the contact list on MSN of our users. > > I have seen commercial products such as iMMarshall but these are far too > expensive and much too complicated for our needs. > > Management want us to create a blacklist of unauthorised MSN contacts to > prevent certain individuals spending too much time chatting to their > friends. > > Is this possible? How? I realise a whitelist would be a more effective and > secure solution but we review logs and if we see excessive non-work related > traffic to a certain contact, we would like to block it. The work in > approving each and every contact would be too much bother. > > Is this possible through MSN alone or would we need to install some sort of > filter to drop packets containing 'blacklistedpersonsaddress@...mail.com' or > something?!? > > From security point of view I would agree that MSN etc are a risk, they do > serve a useful purpose in facilitating some of the business that is done > here. Certainly works to cut down costs on speaking with international > clients and suppliers. Previously one might make a dozen phonecalls to the > same supplier chasing terms, stock location, brand, configuration etc etc it > can all be done via MSN instantly. > > Hence the reason we would like to keep it active, yet block those contacts > that are not business related. It is only a small proportion of the > workforce that are abusing the privilege (we do monitor all email/msn > traffic) and if we could find a solution just to block those contacts, > management (and as a result me due to the fact they will be off my case > about it!) will be happy > > I especially would like a solution that is transparent to the end users. > > If this is not the right place to ask I apologise, but I have already tried > in experts exchange,usenet and had NO answers - not even a hint. If there is > an answer already on the web, my google-fu must be very weak. > > I was even looking at installing parental controls (!) but again that would > mean administering each workstation as opposed to doing it through the > server. > > Kind regards > Dean > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html >
Powered by blists - more mailing lists