Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
BLocking MSN Messenger, Morpheus, Yahoo etc
- Thread starter markdw
- Start date
Make a new service and disallow TCP port 1863 for MSN, TCP port 1214 for Morpheus.
Yahoo is harder.
Yahoo Messenger can use any TCP port (it most commonly begins on port 5050, then switches to 23 (telnet), 80 (www) and afterwards uses random ports) which makes it difficult to block (even if the Outgoing-TCP service is removed - because YIM attempts to use standard service ports). The easiest way to block this traffic we have found thus far is to add the particular IP address ranges which make up the domains `cs.yahoo.com', `csa.yahoo.com', `csb.yahoo.com', and `csc.yahoo.com' to the blocked site list on the Firebox. This essentially tells the Firebox to discard any traffic from Yahoo's message login servers. When the connection to cs.yahoo.com fails, the client attempts to connect to csa.yahoo.com, csa, csb, then csc.yahoo.com. At the time of writing (Aug 15, 2001) these names all resolved to the same set of IP addresses (just in a different order). Therefore, it is only necessary to block the IP addresses of csc.yahoo.com at this point. This will probably change, so when setting up the policies to block yahoo Messenger it is important to do a current IP lookup of all of these names (with nslookup or a similar utility).
Here is a list of the IP addresses comprised by the domain name "csc.yahoo.com" as of August 15, 2001:
216.136.175.144, 216.136.175.142, 216.136.225.12, 216.136.224.213 216.136.225.83, 216.136.224.214, 216.136.226.118, 216.136.175.143, 216.136.225.11, 216.136.225.35, 216.136.225.36, 216.136.131.93, 216.136.175.145, 216.136.226.117, 216.136.225.84
The following provides step-by-step instructions on adding the yahoo Messenger login servers to the blocked site list:
Open Policy Manager with your current configuration file.
Select Setup => Blocked Sites.
The Blocked Sites window appears.
Click the Add button. At the Type field, select Host IP address. Enter the first IP in the Value field.
Click OK to close the Add Site dialog box and store the first IP address.
Repeat step 3 to add the remaining IP addresses to the list.
When finished, click the OK button at the Blocked Sites window.
Save the new configuration file to the Firebox.
Yahoo is harder.
Yahoo Messenger can use any TCP port (it most commonly begins on port 5050, then switches to 23 (telnet), 80 (www) and afterwards uses random ports) which makes it difficult to block (even if the Outgoing-TCP service is removed - because YIM attempts to use standard service ports). The easiest way to block this traffic we have found thus far is to add the particular IP address ranges which make up the domains `cs.yahoo.com', `csa.yahoo.com', `csb.yahoo.com', and `csc.yahoo.com' to the blocked site list on the Firebox. This essentially tells the Firebox to discard any traffic from Yahoo's message login servers. When the connection to cs.yahoo.com fails, the client attempts to connect to csa.yahoo.com, csa, csb, then csc.yahoo.com. At the time of writing (Aug 15, 2001) these names all resolved to the same set of IP addresses (just in a different order). Therefore, it is only necessary to block the IP addresses of csc.yahoo.com at this point. This will probably change, so when setting up the policies to block yahoo Messenger it is important to do a current IP lookup of all of these names (with nslookup or a similar utility).
Here is a list of the IP addresses comprised by the domain name "csc.yahoo.com" as of August 15, 2001:
216.136.175.144, 216.136.175.142, 216.136.225.12, 216.136.224.213 216.136.225.83, 216.136.224.214, 216.136.226.118, 216.136.175.143, 216.136.225.11, 216.136.225.35, 216.136.225.36, 216.136.131.93, 216.136.175.145, 216.136.226.117, 216.136.225.84
The following provides step-by-step instructions on adding the yahoo Messenger login servers to the blocked site list:
Open Policy Manager with your current configuration file.
Select Setup => Blocked Sites.
The Blocked Sites window appears.
Click the Add button. At the Type field, select Host IP address. Enter the first IP in the Value field.
Click OK to close the Add Site dialog box and store the first IP address.
Repeat step 3 to add the remaining IP addresses to the list.
When finished, click the OK button at the Blocked Sites window.
Save the new configuration file to the Firebox.
- Thread starter
- #3
Thanks so much for your answer.
Forgive my ignorance, but I have very little knowledge on how these hings work.
I have gone to my SOHO admin page, and under Firewall I have selected Custon Service.
I gave the Service a name (MSN) and added the PORT address you gave me and clicked add. then selected DENY for both incoming and outgoing, then saved it.
I can still log in to messenger. Am I doing somthing wrong?
Many thanks again - Mark
Forgive my ignorance, but I have very little knowledge on how these hings work.
I have gone to my SOHO admin page, and under Firewall I have selected Custon Service.
I gave the Service a name (MSN) and added the PORT address you gave me and clicked add. then selected DENY for both incoming and outgoing, then saved it.
I can still log in to messenger. Am I doing somthing wrong?
Many thanks again - Mark
check this link:
u will find all u answer!
Watchguard&Fortigate
=======================
From Shanghai of China
Msn:glamout2k@hotmail.com
Glad chat with u!
u will find all u answer!
Watchguard&Fortigate
=======================
From Shanghai of China
Msn:glamout2k@hotmail.com
Glad chat with u!- Thread starter
- #5
- Status
Similar threads
- Locked
- Question