How to block web messenger with AIM-IPS?

Unanswered Question
Feb 11th, 2009
User Badges:

Hello, I have a 2821 with an AIM-IPS card. I would like to block some applications over http, like web messenger, remote desktop over http (like logmein) and these kind of services. I have enabled all signatures in the IPS and when I start a web messenger client (for example no signature fires. Are there any solutions to block them?

Thanks in advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
roshan.maskey Sat, 04/04/2009 - 19:48
User Badges:

Hi Victor,

This might help you on blocking web messengers.

regex imo "imo\.com"

regex meebo "meboo\.com"

regex imhaha "imhaha\.com"

regex mabber "mabber\.com"

regex web_msn "webmessenger\.msn\.com"

regex koolim "koolim\.com"

regex msnfx "messengerfx\.com"

regex iloveim "iloveim\.com"

regex goowy "goowy\.com"

regex plugoo "plugoo\.com"

regex imunitive "imunitive\.com"

regex snimmer "snimmer\.com"

regex ebuddy "www\.ebuddy\.com"

class-map type regex match-any BLOCK-WEB-IM

description Deny all web messengers

match regex imo

match regex web_msn

match regex koolim

match regex imunitive

match regex goowy

match regex mabber

match regex ebuddy

match regex meebo

match regex iloveim

match regex msnfx

match regex snimmer

match regex imhaha

match regex plugoo

class-map type inspect http match-all IM-DOMAIN-BLOCK

match request header host regex class BLOCK-WEB-IM

policy-map type inspect http INSIDE-L7-POLICY


protocol-violation action drop-connection log


reset log

policy-map inside-policy

class inside-class

inspect http INSIDE-L7-POLICY


This Discussion