AIPSSM - Block MSN file transfer with signature not working

guibarati
Level 4

I have an ASA firewall with an AIP-SSM module. In the application policy, I've configured an access-list sending everything to the IPS.

In the IPS I enabled the signature 11246 that matches MSN file transfer and set the signature to deny packet inline.

When I use MSN to transfer a file, the IPS log says "deny" for the action, but the file is transferred normally and I want it to be denied.

Any ideas?

2 Replies

tstanik
Level 5

MSN file transfer works over the MSN Messenger Activity. To block the file transfer effectively you will need to block the messenger activity in your case. If you are sending the traffic to the IPS, and can see hits for the signature 11201 "MSN Messenger Activity" and if you only want to block this for certain IP addresses then the solution to your problem is to use 'Event Action Filters' for the existing Signature 11201.

Hi, thanks, but I want to block only the file transfer activity over MSN, not MSN altogether.
