Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

AIM BLOW IT UP! HELP Blocking AIM

Status
Not open for further replies.

AV1611

Technical User
Sep 5, 2003
230
US
I have a little twirp that keeps getting paste my firewall loading up AOL AIM. I did several NSLOOKUPS on the aol.com and aol.express.com etc. BUt he keeps finding other ways to log into it. It has a ton of IP's and everytime I block 10 he finds two more. This time is was aimexpress.oscar.aol.com

How can I block any aol Java Applets so this program can't be started period? What can I do here? I need help.

Thanks, AV
 
Try blocking all of the following ports

aol 5190/tcp America-Online
aol 5190/udp America-Online
aol-1 5191/tcp AmericaOnline1
aol-1 5191/udp AmericaOnline1
aol-2 5192/tcp AmericaOnline2
aol-2 5192/udp AmericaOnline2
aol-3 5193/tcp AmericaOnline3
aol-3 5193/udp AmericaOnline3

Or


SF18C
CCNP, MCSE, A+, N+ & HPCC
Tis better to die on your feet than live on your knees!
 
I found the best way to block AOL instant messenger connections on our LANwas to create a record on our DNS server that intercepts all request forlogin.oscar.aol.com and send them to a dead IP address. This I found to bethe best solution since it still allows traffic to all other AOL serversbut prevents AIM from logging in to begin a session. Productivity hasseemed to double since I've done this and this method also seem to work forother IM services like Yahoo's and ICQ. NOTE: Yahoo has four login serversand will require 4 DNS records to block them all.

Dougal
"Sentio aliquos togatos contra me conspirare."
(I think some people in togas are plotting against me.)
 
If you know the person that is doing it and there is a company policy against it, then it is really a management issue. It would be good to find an IT solution just so you take care of people that may try it in the future, but this one person really needs to have their hand slapped (or better yet removed completely) by management.

[red]"... isn't sanity really just a one trick pony anyway?! I mean, all you get is one trick, rational thinking, but when you are good and crazy, oooh, oooh, oooh, the sky is the limit!" - The Tick[/red]
 
I run GoverLan on a network... how can i kill the aim express process? what is the name of it so i can run a scope action and find out who is logged in at the time
 
The problem TomThumbKP is that the person doing this is the "Doctor's" son, whom she worships. If I come off as having a problem with something he does, it could be a time bomb for me.

Dougal1269 how do I "create a record on our DNS server that intercepts all request forlogin.oscar.aol.com and send them to a dead IP address"

Thanks, AV
 
can anyone please help with blocking aim express? i have aim blocked but they are going behind and using this web based one on me.
 
i was thinking about putting an entry in their hosts file that would set all aim addresses to their loopback. would that work?
 
That would work, but you'd need to know all the aim addresses (assuming there are more than 1)
B

----------------------------------------------
Ben O'Hara "Where are all the stupid people from...
...And how'd they get so dumb?"
rockband.gif
NoFX-The Decline
----------------------------------------------
Want to get great answers to your Tek-Tips questions? Have a
 
sorry i didn't get back earlier, as for your question about how to set up the dns to dump these IPs as not real, I will have to ask my engineer. I am the manager and though I know DNS well, I am no gueru ... so I will post the answer when I get it ... sorry again about the delay.

Dougal
"Sentio aliquos togatos contra me conspirare."
(I think some people in togas are plotting against me.)
 
We have login.oscar.aol.com blacklisted on our firewall so no one can log in. Even if a user has a code to bypass the content filter, the blacklist is in effect.

Keep in mind, if the user is particularly savvy, he can still access AIM. Maybe he uses his home computer as a proxy. Maybe he uses a Jabber server as a proxy. Other solutions are out there, so, as a previous poster said, this may be more of a management issue than a technological issue.
 
AV1611

you may want to mention to your Doctor that HIPAA compliance auditors would not look favorably upon using the same machines/network to chat on AIM as patient's records/info is kept on! (if that is the case with her network machines)

that should jerk a knot in the youngin's tail!
 
I have blocked

login.oscar.aol.com

but some user can still logon to Aimex..
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top