Anybody have any idea how to block this? I'd rather my users didn't attempt to abuse Outlook 2003 by adding Hotmail over HTTP (RPC over HTTP). I'd like to block this somehow. Snort can't seem to do this. There isn't a signature ID to look to.
Anybody have any idea how to block this? I'd rather my users didn't attempt to abuse Outlook 2003 by adding Hotmail over HTTP (RPC over HTTP). I'd like to block this somehow. Snort can't seem to do this. There isn't a signature ID to look to.
AFAIK Hotmail doesn't use RPC over HTTPs. Since Outlook 2003 is hardcoded to use the following address "http://services.msn.com/svcs/hotmail/httpmail.asp", enter it into your firewall config as restricted or denied.
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}