AIM Express Port Block

Hello,

I'm looking to block the access of AIM Express on our network. I'm aware of the port the AIM installed software uses, and have blocked it. When I run a network status in the command prompt (netstat /a) I'm seeing that one of the users is connecting to Aim Express on what appears to be port 6595. I just want to gain a second recommendation from everyone else that this is the correct port. Also, does anyone know if any other legitimate software uses this port? Thanks!
ChrisH3Asked:
Who is Participating?
 
KVR_SolutionsConnect With a Mentor Commented:
Here is the easiest method to block Aim Express.

Set up a group policy that blocks an end users ability to change their network settings (especially DNS).

Make sure that the user is using your domain controller as their DNS server. Create a new zone called "aim.com" or whatever the site is that they visit and send it to a bogus address, such as 192.168.1.2.

If you want to have a little fun with it, you can try doing this (additionally):

Point the new Zone on your DNS server to a computer or web server that is running IIS. In IIS on that server, create a new website called "aim.com" or whatever that is. Create a page in the web sites directory called Default.asp and set up a response.redirect (http://pubs.logicalexpressions.com/pub0009/LPMArticle.asp?ID=214) to send the requests to monster.com.

As soon as I did that for all of the major sites like myspace, aim, and facebook.. we had quite a bit of water cooler talk at my company... and a lot more productivity.

Let me know if you need me to explain any of this stuff in more detail.

Ira @ KVR
0
 
AdamBNYCCommented:
Blocking this port will not disable Aim Express. there is no port you can block to prevent AIM Express. Its works over 80 or 443, and is browser based. If you block 80 or 443, there will be websites you will not be able to hit as 80 and 443 are HTTP and HTTPS.
0
All Courses

From novice to tech pro — start learning today.