Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
msn messenger filter
- Thread starter gleggans
- Start date
First you need to know that messenger uses html to transfer data and the ip changes because it has many adresses to enter to logginet.passport.com, so you have to create a filter profile that search the DNS query to logginet.passport.net and destiny UDP port to 53 ( DNS), a data pattern to look up to UDP 1900, I'm not pretty sure of this packet but it appear in my capture, so it culd be optional. Next you could use port 80 and 443 to data. The secuence i have is
Destiny UDP Port 1900
Destiny TCP Port 1863 at an "DNS name" messenger.com ( IP changes in every connection)
Destiny UDP Port 53
DNS Query loginnet.passport.net
Destiny TCP Port 443
Destiny TCP Port 80 at "DNS Name" messenger.msn.com ( IP changes in every connection)
DNS Query svcs.microsoft.net
I hope this work, I haven't prove yet
Regards
Destiny UDP Port 1900
Destiny TCP Port 1863 at an "DNS name" messenger.com ( IP changes in every connection)
Destiny UDP Port 53
DNS Query loginnet.passport.net
Destiny TCP Port 443
Destiny TCP Port 80 at "DNS Name" messenger.msn.com ( IP changes in every connection)
DNS Query svcs.microsoft.net
I hope this work, I haven't prove yet
Regards
- Status
Similar threads
