ciscoLover
ISP
Hi all
i need the command which close yahoo messenger port on pix 525 ,please help me.
thanx
i need the command which close yahoo messenger port on pix 525 ,please help me.
thanx
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
close yahoo messenger port on pix 525
- Thread starter ciscoLover
- Start date
- Status
From a 2002 CERT warning:
Yahoo! Messenger runs a variety of services on several ports. Yahoo! Messenger typically listens for peer-to-peer requests on port 5101/TCP and client-to-server communications on 5050/TCP, but is not limited to these ports. Users can attempt to implement a firewall to block inbound and outbound access to port 5101/TCP, 5050/TCP, or any other port(s) that Yahoo! Messenger chooses to bind a service. However, the Yahoo! Messenger client will attempt to connect to the server through ports 20, 21, 25, 37, 80, and 119 if 5050 is blocked, therefore this may not be a viable nor practical solution for most sites.
So to block yahoo messenger you will also be blocking ftp, http and etc. (if that port list from 2002 is still valid.)
If you still want to do it here is how
object-group service YahooMessenger tcp
port-object eq 5101
port-object eq 5050
port-object eq 20
port-object eq 21
port-object eq 25
port-object eq 37
port-object eq 80
port-object eq 119
access-l inside-acl deny tcp any any object-g YahooMessenger
access-l inside-acl permit ip any any
access-g inside-acl in interface inside
You might be able to just block 5101 and 5050, log it, and learn what the server IP addresses are. Then block those servers. You will also learn who is accessing yahoo messenger.
Yahoo! Messenger runs a variety of services on several ports. Yahoo! Messenger typically listens for peer-to-peer requests on port 5101/TCP and client-to-server communications on 5050/TCP, but is not limited to these ports. Users can attempt to implement a firewall to block inbound and outbound access to port 5101/TCP, 5050/TCP, or any other port(s) that Yahoo! Messenger chooses to bind a service. However, the Yahoo! Messenger client will attempt to connect to the server through ports 20, 21, 25, 37, 80, and 119 if 5050 is blocked, therefore this may not be a viable nor practical solution for most sites.
So to block yahoo messenger you will also be blocking ftp, http and etc. (if that port list from 2002 is still valid.)
If you still want to do it here is how
object-group service YahooMessenger tcp
port-object eq 5101
port-object eq 5050
port-object eq 20
port-object eq 21
port-object eq 25
port-object eq 37
port-object eq 80
port-object eq 119
access-l inside-acl deny tcp any any object-g YahooMessenger
access-l inside-acl permit ip any any
access-g inside-acl in interface inside
You might be able to just block 5101 and 5050, log it, and learn what the server IP addresses are. Then block those servers. You will also learn who is accessing yahoo messenger.
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question