Solved

How to block access to instant messengers (MSN/AOL)

Posted on 2006-10-26
7
1,460 Views
Last Modified: 2011-09-20
We have a HotBrick Firewall, and I need to block access to MSN messenger and AOL Instant Messenger... does anyone knows to to setup this filter... or what ports should be blocked?

Thanks
0
Comment
Question by:ITMiami
  • 3
  • 2
  • 2
7 Comments
 
LVL 11

Expert Comment

by:prueconsulting
ID: 17813441
The problem with ports is both of these can tunnel over HTTP so unless you have some url filtering capabilties you wont block it totally

MSN Messenger – Users must login to the centralised service to locate other users. Once a connection is established, users message each other directly in peer-to-peer fashion. The default IP port for MSN Messenger is 1863 but the client is ‘port-agile’ and, if the port is blocked, it will look for other open ports – next targeting the HTTP port 80. MSN Messenger supports HTTP proxies, but does not support HTTP proxy authentication. Note that file transfers occur over TCP port 6891, audio and video conferencing over UDP ports 13324 and 13325, and application sharing is commonly TCP port 1503.
Yahoo Instant Messenger – Users login to the centralised Yahoo IM service to find other users. Once authenticated and online, users may choose to message each other directly or through shared chat rooms. The default port for Yahoo Instant Messenger is 5050 but the client is ‘port-agile’ and, if the port is blocked, it will look for other open ports – next targeting the HTTP port 80. Just like MSN Messenger, the client supports HTTP proxies, but not HTTP Proxy authentication. Note that file transfers and file sharing is commonly done over TCP port 4443.

AOL Instant Messenger (AIM) – Users login in to the AOL Open System for Communication in Real-time (OSCAR) and then begin communications with Basic OSCAR Services (BOS) to locate and message other users. These messages pass through the server before being forwarded to the recipient. File transfers, voice traffic and other large digital payloads are conducted in peer-to-peer mode – whereby the initiating IM client sends its IP address and an open port over the service, so the remote client can connect to it.
The default port for the AIM client is 5190 and, if the port is blocked, the ‘port-agile’ software will attempt to communicate over port 23 (telnet), 20 & 21 (FTP) and then 80 (HTTP). In addition, users can choose to go through a SOCKS v4/v5, a HTTP proxy or HTTPS proxy. However, when tunnelling over the HTTPS proxy connection, AIM does not use SSL to encrypt traffic.

However you can attempt to block "login.oscar.aol.com" which should render the software useless by disallowing the login to happen.
0
 

Author Comment

by:ITMiami
ID: 17816539
So MSN there is no way to block... I can use url filtering in the firewall but what should I add to block msn
0
 
LVL 22

Expert Comment

by:orangutang
ID: 17816616
Why not just uninstall them if you don't want them to access the Internet, since that's all they're used for.
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 
LVL 11

Accepted Solution

by:
prueconsulting earned 500 total points
ID: 17816724
According to Microsoft support website, to block MSN, you take either outbound access to TCP port 1863, and outbound HTTP access to messenger.hotmail.com

These are also some other login servers i have found for popular IMs
AOL Instant Messenger: login.oscar.aol.com:443
AOL Instant Messenger: login.oscar.aol.com, possibly toc.oscar.aol.com and login.icq.com
MSN Messenger: gateway.messenger.hotmail.com (was login.gateway.hotmail.com)
ICQ: login.icq.com and http.proxy.icq.com (Was icq.mirabilis.com and login.icq.com previously)
Yahoo! Messenger: msg.edit.yahoo.com/*
(Yahoo! Messenger: Might also need to block messenger.yahoo.com/*andhttp.pager.yahoo.com/* Be sure to type in the http on that last URL).

If this is also running in a AD environment you can use a GP to block execution of the IM exes
0
 

Author Comment

by:ITMiami
ID: 17820770
Thanks prueconsulting it worked perfectly...

----------------------------------------------------------------------------------------------


orangutang because the users will reinstall it and we will be back were we started...
0
 
LVL 22

Expert Comment

by:orangutang
ID: 17820777
Oh, good idea! Sorry, wasn't thinking :)
0
 
LVL 11

Expert Comment

by:prueconsulting
ID: 17820794
Glad to be of help..
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now