?
Solved

Blocking access to MSN Messenger 7.0(Beta)

Posted on 2005-02-24
18
Medium Priority
?
7,047 Views
Last Modified: 2011-08-18
Hi,

Can anyone help? I'm tearing my hair out trying to restrict my childrens use of MSN Messenger 7.0(Beta). I have tried any number of solutions I have found on the Web but none work. I am running under XP Pro and have a Netgear DG834G Firewall which controls access from all 3 of our computers to the Net. The children come in via a Wireless connection to the Firewall.

Your hopefully,

Jeremy Britton
0
Comment
Question by:brittjerry
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
  • 3
  • +1
18 Comments
 
LVL 3

Expert Comment

by:JMontaine
ID: 13397327
0
 

Author Comment

by:brittjerry
ID: 13398484
Yep, Tried the things in this thread too, but no real help I'm afraid. Anyone else offer any helpful suggestions? MSN Messenger 7.0 seems to have lots of alternative TCP ports and i/p addresses that it tries; I have even run a network traffic analyser product called Ethereal which throws up lists of TCP ports and i/p's that MSN seems to be using - as fast as I block some, other appear. Someone out there must have a clue how this product works and what the definitive way to block it is........

Jeremy Britton
0
 
LVL 3

Expert Comment

by:JMontaine
ID: 13401920
try editing the hosts file.

its in c:\windows\system32\drivers\ect

put entries in there for

127.0.0.1     gateway.messenger.hotmail.com
127.0.0.1     messenger.hotmail.com

this should stop them from being able to login. Unless there are other login servers I don't know about.

0
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

 

Author Comment

by:brittjerry
ID: 13403088
Thanks for that - what I really want to do is to restrict access rather than block it altogether (which I can do with my firewall now) however. Its the ports it uses I need to know; I can't find anything anywhere on the 'net that tells me what they are, hence my posting here. Jeremy
0
 
LVL 3

Expert Comment

by:JMontaine
ID: 13403949
The way they make these chat programs now it's almost imposible to block ports. If they cant get through on one port they scan for any open ports and try to use them.
0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 13404782
A couple of links that may help some; the first of which details blocking MSN Messenger in corporate environment, but may add insight and shows ports...  the second has helpful links about security related issues and the beta item you've mentioned.
http://support.microsoft.com/kb/889829
Protect Against Exploit Code Related to Security Bulletin MS05-009
Published: February 9, 2005 | Updated: February 11, 2005
http://www.microsoft.com/security/incident/im.mspx

You may already have seen this, but may add insight as well..
http://support.microsoft.com/default.aspx?scid=kb;en-us;316660

Policies may also help, some thoughts here and also gives info on ports:
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/intmgmt/24_xpmsg.mspx

I've been looking into the MSN Spaces beta and found it interesting and curious if it may provide some workarounds...
MSN Spaces Offers Protection and Control

MSN Spaces is designed to give consumers control over how they share their Space information and who can access it:

Permissions. Consumers have three permission control settings on their MSN Spaces site, enabling them to decide just how widely they want to share their content:
Public: Viewable by anyone
Contacts Only: Viewable only by their MSN Messenger contacts
Private: Viewable only by contacts whose e-mail addresses are manually entered by the MSN Spaces author or selected from an MSN Contact list
Controls. MSN Spaces gives the consumer control over how others interact with his or her Space. MSN Spaces includes settings that give each person power over who views his or her Space and how people can interact, read and comment on the Space. This includes the ability to set up the Space so people can read but not comment.
Statistics. Consumers will be able to track visitor statistics on their Spaces site, so they will know how many people are visiting as well as other detailed information.
Here for more, if this interests you.
http://www.microsoft.com/presspass/newsroom/msn/factsheet/MSNSpaces.asp

If I've missed the boat and misunderstood, apologies.
":0) Asta
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 13416185
I have exactly the same router at home.
The schedule function doesn't work, so you cannot allow or block by schedule, and also, I've blocked all TCP/1863 and access to 207.45.1.1-207.46.254.254 (or whatever the IP addresses are in the below article, which I can't see for some reason...), as you would do on a corporate firewall to block MSN, but still, it gets through.

http://support.microsoft.com/kb/889829

I think there's something wrong with the Netgear software !
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 13416188
If anyone finds a way to do it with the Netgear, then let me know - I can do this with PIX, CheckPoint etc, but the darn Netgear just does not play ball !!  :)
0
 

Author Comment

by:brittjerry
ID: 13422683
Tim, My Netgear router works fine - the schedule thing blocks everything within the times I state and I really value the product. The issue is with MSN Messenger and it looks impossible to block to me - it just keeps finding a way round. Nice one Microsoft.... I'm a bit disappointed the brains on this forum don't have an answer though - time to look somewhere else I suppose.
0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 13471473
As is the case always, "beta" means just that and doesn't even have 'developer support' for obvious reasons (beta out to test and collect user information) ....  so although I sure hope you find a solutions, would venture to say that participating in the MSN Messenger Beta process and forums may be your most direct route to escalate issues and have the developers help resolve issues.   Since I rarely run 'beta code' these days (having done it for years in the efforts to help resolve 'final release' issues), must admit this isn't one of the ones I've tried.  I sure hope you find what you seek, and would definitely consider (were I in your shoes) to participate with the MSN related user groups and forums within the MSN environment to escalate your issues and seek developer assistance.

Asta
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 13547980
I can get my Netgear to completely block MSN access by disabling port 1863 and blocking access to the 207.x.x.x MSN servers, as explained in my post above.  Does this not work for you ?
Trouble is, I cannot do this by schedule.  Both Allow By or Block By Schedule tactics have the same non-affect ! :)
0
 

Author Comment

by:brittjerry
ID: 13549447
Tim, Thanks for that, so can I. My point is that I am trying to use the Netgear firewall controls to schedule access to MSN rather than block it completely. I am trying to teach my children to use it responsibly but I need a back stop! It seems to me there is a bug in the Netgear firewall, which your post rather confirms. Thanks for the input. if you can throw any more light on the problem all thoughts welcome. I tried contacting Netgear but no joy there.

0
 
LVL 23

Accepted Solution

by:
Tim Holman earned 2000 total points
ID: 13549544
Netgear sent me a link to their latest code 2.10.09 - http://www.longview.eclipse.co.uk/netgear/ 
This failed to address the issue though...
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 13758254
There are some severe problems with Netgear's firewall module!
I managed to block access to MSN Messenger by adding a static route for 207.46.0.0 255.255.0.0 and pointing it to 127.0.0.1 (which blackholes the traffic).  This can be done via the Netgear web interface.
Works a treat....   but strewth, the Netgear firewall is a joke - maybe it needs rebooting each time a new policy is applied ?  Who knows... ?  ;)
0
 

Author Comment

by:brittjerry
ID: 13759890
Tim, Thats really helpful. Can you explain to me how I set up that static route? I'm a bit of a novice on this firewall stuff! Which web page do I use and how do I set it up please? I feel I'm on the verge of getting the answer I need......
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 13760905
When you open up the Netgear web page, there's an option on the left hand side saying 'Static Routes'.  
Go into this, and click Add.

Name - can be anything - say MSN
Tick the Active checkbox
Destination IP address - 207.46.0.0
IP Subnet Mask - 255.255.0.0
Gateway IP Address - 127.0.0.1
Metric - 2

Apply

Should do the trick.. :)
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question