06-10-2009 04:52 AM
anyone know how to block teamviewer application on JUniper IDP ?
I tried to block port 5938, it was unsuccesful, when i checked teamviewer is using port 80. soi think we should create custom attack object. i tried create that but still unsuccesful. anyone help me
06-10-2009 05:20 PM
I found a Team Viewer post below. Have a look at the predefined attack "Info - SPYWARE:RAT:TEAMVIEW-HTTP-CLNT". Let me know how you make out.
06-10-2009 08:27 PM
I think you may need to then capture the authentication packets and create a custom signature. Either that or open up a ticket with JTAC. They may be able to provide you with a sanity check on the predefined object and your policy.
06-10-2009 08:34 PM
Yes, thanks for update., i already arise this issue to signature team and contact him to help create custom signature to block teamviewer application
01-28-2011 11:23 AM
The attack object "REMOTE-ACCESS:TEAMVIEWER-HTTP" was released June 17, 2010 and was tested to block the TeamViewer application at that time.
You might want to give that a try.