[7.450][INFO] Google Talk browser/standalone logging

[utm_kid]

Hi Friends !

if i am using gmail chat in browser does astaro suppose to monitor that also ?
if so i could not see any log for that
how to setup a gtalk program
gives error could not authenticate to server

Thanks

[dmzalarm]

gmail chat web based (using browser) uses your http/https so they are monitored but you need to look at httpproxy logs - although I don't know how much you can get out of it since it will appear as websurfing.

for stand alone client, google has detail instruction here Required ports to use Google Talk - Google Talk Help

[utm_kid]

Quote:

Originally Posted by dmzalarm

gmail chat web based (using browser) uses your http/https so they are monitored but you need to look at httpproxy logs - although I don't know how much you can get out of it since it will appear as websurfing.

for stand alone client, google has detail instruction here Required ports to use Google Talk - Google Talk Help

Thanks Dear Friend !

[srrudolph]

the information by dmzalarm is correct.

although the gmail chat is also google talk, this one is work via HTTP/HTTPS, so it's monitored by the HTTP Proxy.

the standalone client of google talk (and any other XMPP client) can be monitored via IM/P2P Security >> Instant Messaging >> Protocols (so IM/P2P Classifier is the correct log file to checkout what's going on).

[utm_kid]

Quote:

Originally Posted by srrudolph

the information by dmzalarm is correct.

although the gmail chat is also google talk, this one is work via HTTP/HTTPS, so it's monitored by the HTTP Proxy.

the standalone client of google talk (and any other XMPP client) can be monitored via IM/P2P Security >> Instant Messaging >> Protocols (so IM/P2P Classifier is the correct log file to checkout what's going on).

Yes Sir ,if it is so then it has control on IM section,if it is http/https then there should be control trough http/s its using some differant protolcol (?)xmpp please see report image blow

[dmzalarm]

The only way possible of logging gtalk webclient would be using IPS sid 12303, webclient doesn't use xmpp so it won't fall under IM section.

Using snort for gtalk control can only give you logging/reporting or deny. I would think this is up to individual admins to make that decision and not up to folks at Astaro.

[utm_kid]

Quote:

Originally Posted by dmzalarm

The only way possible of logging gtalk webclient would be using IPS sid 12303, webclient doesn't use xmpp so it won't fall under IM section.

Using snort for gtalk control can only give you logging/reporting or deny. I would think this is up to individual admins to make that decision and not up to folks at Astaro.

Dear DMZalarm,

where i can find more about IPS sid 12303 ,

Thanks

[dmzalarm]

In Astaro, it is "POLICY Google Chat web client connection"

In standard snort installation, it is "alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"POLICY Google Chat web client connection"; flow:established,to_server; uricontent:"/talkgadget/popout"; nocase; classtypeolicy-violation; sid:12303; rev:3"

[Astaro Beta Bot]

Code:

Astaro Beta Report
--------------------------------
Version: 7.450
Type: INFO
State: NONE
Reporter: utm_kid
Contributor: 
MantisID: 
--------------------------------

[utm_kid]

Quote:

Originally Posted by Astaro Beta Bot

Code:

Astaro Beta Report
--------------------------------
Version: 7.450
Type: INFO
State: NONE
Reporter: utm_kid
Contributor: 
MantisID: 
--------------------------------

Hi Friends !

After ips update on 26th gtalk (gmail based -irc ) not working it was working fine !

and there are rules for chat on the ips
if it is blocked by IPS which ips rule i should disable there are two rules for instant messaning i tryed that still no help

Thanks