Short Name |
CHAT:AIM:LOGIN-ATTEMPT |
---|---|
Severity |
Info |
Recommended |
No |
Category |
CHAT |
Keywords |
Login Attempt |
Release Date |
2003/04/22 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to login to AIM servers through native AOLIM mode, HTTP proxy mode, or SOCKS proxy mode. These are proxy/tunneling methods to avoid firewalls and IPS filters. Depending on your corporate policies, Instant Messaging can be a violation of your end-user's network usage policy. Setting the action of "Close Client and Server" blocks users from chatting on AOLIM over known HTTP/SOCKS proxy ports. This rule should only be applied to a WAN interface.
None