Sign in with
Sign up | Sign in
Your question

Yahoo, MSN, AOL etc instant messenger bloacking via firewall

Last response: in Networking
Share
Anonymous
July 21, 2004 1:26:23 PM

Archived from groups: comp.security.firewalls (More info?)

Hi all.

Can anyone tell me the port numbers these apps use so that I can enter
them into our hardware firewall to prevent users from using these
tools?

Thanks.
Anonymous
July 21, 2004 11:02:50 PM

Archived from groups: comp.security.firewalls (More info?)

On 21 Jul 2004 09:26:23 -0700, Karl Rhodes spoketh

>Hi all.
>
>Can anyone tell me the port numbers these apps use so that I can enter
>them into our hardware firewall to prevent users from using these
>tools?
>
>Thanks.

They use whatever ports are available, usually port 80. That makes them
very difficult to block with a firewall and a lot easier to block with
policy...

You could attempt to block access to any passport.net address, that'll
take care of MSN, MSN Messenger, Hotmail and pretty much everything else
you need to sign in for that relates to anything Microsoft...

In the same fashion, you could attempt to block access to anything in
the oscar.aol.com domain, that'll prevent logins to AOL as well as
Netscape webmail.

And, for yahoo, you can block access to *.msg.yahoo.com (IIRC), and
that'll keep people from getting to YIM and Yahoo webmail and anything
else that requires authentication in the land of Yahoo.

So, it's easier to prevent people from install this junk on their
computers in the first place than it is to prevent them from accessing
it...

Lars M. Hansen
www.hansenonline.net
Remove "bad" from my e-mail address to contact me.
"If you try to fail, and succeed, which have you done?"
August 6, 2004 3:52:26 AM

Archived from groups: comp.security.firewalls (More info?)

Lars M. Hansen <badnews@hansenonline.net> wrote in
news:75ftf0hic9g1sbb20fr96u2ltalm5ob1c1@4ax.com:

> They use whatever ports are available, usually port 80. That makes them
> very difficult to block with a firewall and a lot easier to block with
> policy...
>
> You could attempt to block access to any passport.net address, that'll
> take care of MSN, MSN Messenger, Hotmail and pretty much everything else
> you need to sign in for that relates to anything Microsoft...
>
>

You can also block the sites where the software is downloaded from.

Bob

--
Delete the inverse SPAM to reply
Anonymous
August 6, 2004 4:22:43 AM

Archived from groups: comp.security.firewalls (More info?)

In article <Xns953CCAB68470bobatcarolnet@207.69.154.205>, usenetMAPS@
2fiddles.com says...
> Lars M. Hansen <badnews@hansenonline.net> wrote in
> news:75ftf0hic9g1sbb20fr96u2ltalm5ob1c1@4ax.com:
>
> > They use whatever ports are available, usually port 80. That makes them
> > very difficult to block with a firewall and a lot easier to block with
> > policy...
> >
> > You could attempt to block access to any passport.net address, that'll
> > take care of MSN, MSN Messenger, Hotmail and pretty much everything else
> > you need to sign in for that relates to anything Microsoft...
> >
> >
>
> You can also block the sites where the software is downloaded from.

The only means I've found is to ferret out the IP's of the servers. If
you watch the firewall long enough you can get them.

--
--
spamfree999@rrohio.com
(Remove 999 to reply to me)
August 6, 2004 6:43:51 AM

Archived from groups: comp.security.firewalls (More info?)

Leythos <void@nowhere.com> wrote in
news:MPG.1b7c99b19e1b269f98a876@news-server.columbus.rr.com:

>
>>
>> You can also block the sites where the software is downloaded from.
>
> The only means I've found is to ferret out the IP's of the servers. If
> you watch the firewall long enough you can get them.
>

Hosts file is good for this. I follow the URLs to download the apps and
block the server there.

Along with shareware.com, downloads.cnet.com and the like.


--
Delete the inverse SPAM to reply
!