mrlader

IPSEC with Wildcards or a better way to block yahoo messenger.

I'm attempting to block several different instant messenger progs. using IPSEC policies.  Most have gone down without too much trouble.  The exception is Yahoo Messenger.  I've found at least 50 different IP addresses for logon servers and no matter how many I block it just finds a new one.  It's driving me nuts.  They all have a common part of the host name, *.msg.dcn.yahoo.com, and they all appear to come from the same few IP ranges.  They are 216.136.x.x, 216.136.x.x and 246.155.x.x.  Short of entering every one of these IPs, is there a way to either block everything from *.msg.dcn.yahoo.com or by the IP ranges?  Thanks in advance.

Matt
mrlader

ASKER

Sorry forgot to list OS.  We run 2003 Server Enterprise Edition.
Matt,

One thing you could do is try software that is meant to perform this job like this one: http://blockyahoo.port5.com/

This info below was "borrowed" from the www.phoneboy.com website:

-------------------------------------------------------------------------------------------------

You will need to block or allow access via port 5050 to the following IP addresses:

mrlader

ASKER

I had thought of terminatorx but this is for a small church school and they don't want to spend money on anything right now.  Blocking port 5050 doesn't work because Yahoo just finds another port to use.  It will even use port 80 if need be.

Thanks
Matt
Well you could block port 80 to these as well (better yet, all ports), but they could always add more servers and cause you to have to modify your settings again.  That's the problem you run into when you try to block the program at the network layer versus the application layer.

If you want to go the low $$$ route then I think you're stuck with the manual way of finding server IPs and blocking them.

It might be worth checking on that app I mentioned to see if they will give a break to a church.  Some companies offer discounts for schools and churches.

Jeff
bbao
hi mrlader,

you have 3 ways (levels) to block those IPs used by Y! messenger. i am here to list all the levels, the corresponding methods, their ease and the suitable conditions:

A) name resolving level: to block specific domains and the subordinates, easy, if you can point your clients' DNS settings to your W2K3 based DNS server.

B) IP routing level: to mask the specific IP blocks by changing routing table, very easy if all the related IPs can be grouped in a few IP blocks.

C) TCP port level: to use IPSec policies, difficult, you know why. :)

certainly, all the above methods use the built-in features of W2K3 server, free of charge as you expect. :)

please tell me which one (of course A or B, not C) you prefer, i will tell you the detailed steps.

cheers,
bbao
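The original question asks whether a range can be blocked instead of every single address. The sketch below is an added example, not code from any poster in this thread: it assumes the policy is built with `netsh ipsec static` on the Windows Server 2003 host, rounds observed server addresses up to their enclosing /16, and prints one masked block filter per range. The sample addresses and the policy, filter list and filter action names are constructed for illustration.

```python
import ipaddress

# Constructed sample: logon-server addresses as an admin might collect them,
# placed inside the ranges named in the question (216.136.x.x, 246.155.x.x).
OBSERVED = ["216.136.1.10", "216.136.44.7", "216.136.200.3",
            "246.155.3.17", "246.155.200.9"]


def covering_networks(addresses, prefix=16):
    """Map each observed host to its enclosing /prefix network, de-duplicated."""
    if not 8 <= prefix <= 32:
        # Guard against a typo that would block far more than intended.
        raise ValueError("prefix must be between 8 and 32")
    nets = {ipaddress.IPv4Network(f"{a}/{prefix}", strict=False) for a in addresses}
    return sorted(nets)


def netsh_commands(networks, policy="Block-YM", flist="YM-ranges", action="YM-block"):
    """Build netsh ipsec static commands: one subnet filter per network."""
    cmds = [
        f'netsh ipsec static add policy name="{policy}" assign=no',
        f'netsh ipsec static add filterlist name="{flist}"',
    ]
    for net in networks:
        # dstmask turns a single-host filter into a whole-range filter;
        # protocol=ANY covers the fallback from port 5050 to port 80.
        cmds.append(
            f'netsh ipsec static add filter filterlist="{flist}" srcaddr=me '
            f'dstaddr={net.network_address} dstmask={net.netmask} '
            'protocol=ANY mirrored=yes'
        )
    cmds += [
        f'netsh ipsec static add filteraction name="{action}" action=block',
        f'netsh ipsec static add rule name="{policy}-rule" policy="{policy}" '
        f'filterlist="{flist}" filteraction="{action}"',
        # Assign last, so the policy only goes live once it is complete.
        f'netsh ipsec static set policy name="{policy}" assign=yes',
    ]
    return cmds


if __name__ == "__main__":
    print("\n".join(netsh_commands(covering_networks(OBSERVED))))
```

An IPsec policy assigned this way filters only the traffic of the machine it is assigned to, so it has to reach every client that should be blocked.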
mrlader

ASKER

Option a would be best but if it's not too much trouble could you do a and b?  I would be most grateful for that info.  Thank you so so much.

Matt
ASKER CERTIFIED SOLUTION
bbao