Solved

HOW TO BLOCK FILE TRANSFER IN ISA 2004 BUT ALLOW MESSENGER SERVICE

Posted on 2006-06-17
Last Modified: 2008-01-09
Hi,
I am new to ISA 2004 firewall. I want to allow messenger but don't want to use file transfer using messenger. Can anybody help me?
Question by:samir_santra
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16927344
MSN uses the following port range (6891-6900 on TCP) for file transfer. Try blocking these ports from local host & internal to external.
 

Author Comment

by:samir_santra
ID: 16928877
This port information is critical. Thank you.

Do all messenger services use the same port range?
Should I apply this on the firewall policy?
Also, can you please guide me on how to block this?

Thanks.
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16929062
<<<
Containment

Internet or edge facing firewalls should be configured with a default 'Deny' policy and contain 'Permit' policies for only needed services and applications. With respect to the W32.Bropia.J and W32.Bropia.L worms certain MSN Messenger file transfers can be blocked at the Internet firewall by removing any permit rules that allow TCP port 6891-6900 traffic. Note: Blocking TCP ports 6891-6900 will not block MSN Messenger instant messages as they flow over TCP port 1863.
>>>

This range will block most MSN transfers but not necessarily all. The new versions have proxy settings for both HTTP and SOCKS traffic, but it is a good start.
I would make a new policy for this range and apply a deny for it.

Create a new protocol, give it a name, select the port range for outgoing TCP 6891 to 6900 and save it.
Create a new access rule, give it a name and select deny, select the new protocol you created, from internal & local host to external, all users.
Apply the policy.

Author Comment

by:samir_santra
ID: 16957686
Thanks, MSN file transfer is blocked, but I can still send files through Yahoo Messenger. My requirement is that any messenger should work but all file transfer should be blocked.
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 250 total points
ID: 16961831
There is no single policy that will cover every messenger.
Yahoo file transfer uses this server:
filetransfer.msg.yahoo.com

See
http://help.yahoo.com/l/us/yahoo/messenger/messenger7/messenger/messenger-02.html

Create a deny rule to this URL.
 
LVL 8

Expert Comment

by:charan_jeetsingh
ID: 16967201
For your particular purpose you will need to do some study.

Either search all the messenger sites and look for the ports they use for file transfers, or install a sniffer on your machine and see which ports it's using to do that.

Cj
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16981717
Thank you :)
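One way to confirm that the deny rules described in this thread are taking effect is to audit exported firewall log records. The following is an added example, not part of the original thread. The CSV layout, client addresses and example.net hosts are constructed assumptions; the TCP 6891-6900 range, TCP port 1863 and the Yahoo host name come from the answers above.

```python
import csv
import io

# Values taken from the thread: MSN file transfer uses TCP 6891-6900,
# MSN instant messages use TCP 1863, Yahoo file transfer goes to this host.
MSN_FT_PORTS = range(6891, 6901)
MSN_IM_PORT = 1863
YAHOO_FT_HOST = "filetransfer.msg.yahoo.com"

# Constructed sample log (hypothetical CSV layout, not ISA's native format).
SAMPLE_LOG = """client,dest_host,proto,dest_port,action
10.0.0.21,messenger.example.net,TCP,1863,Allowed
10.0.0.21,peer.example.net,TCP,6891,Denied
10.0.0.34,peer.example.net,TCP,6895,Allowed
10.0.0.34,FileTransfer.msg.yahoo.com,TCP,80,Allowed
10.0.0.50,messenger.example.net,TCP,1863,Denied
10.0.0.50,peer.example.net,UDP,6891,Allowed
"""

def classify(row):
    """Return a finding string for a log row, or None if it is as expected."""
    host = row["dest_host"].strip().lower().rstrip(".")
    port = int(row["dest_port"])
    tcp = row["proto"].upper() == "TCP"
    allowed = row["action"].lower() == "allowed"
    if tcp and port in MSN_FT_PORTS and allowed:
        return "file-transfer port allowed"      # deny rule missing or not matched
    if host == YAHOO_FT_HOST and allowed:
        return "yahoo file-transfer host allowed"
    if tcp and port == MSN_IM_PORT and not allowed:
        return "instant messaging blocked"       # policy is too broad
    return None

def audit(log_text):
    """Return (client, dest_host, dest_port, finding) for every unexpected row."""
    findings = []
    for row in csv.DictReader(io.StringIO(log_text)):
        finding = classify(row)
        if finding:
            findings.append((row["client"], row["dest_host"],
                             int(row["dest_port"]), finding))
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE_LOG):
        print(*f, sep="  ")
```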
