Solved

Block MySpace and IM on Cisco 1700 Series Router

Posted on 2007-03-21
6
477 Views
Last Modified: 2008-01-09
I need to block MySpace and AOL IM on a Cisco 1700 series router/firewall.  I have tried to setup the Access-list but I am still having problems.
0
Comment
Question by:ComNetPlus
  • 3
  • 3
6 Comments
 
LVL 20

Expert Comment

by:RPPreacher
ID: 18763663
Can you post the ACL that you created?
0
 

Author Comment

by:ComNetPlus
ID: 18763727
Since it wasn't working I did not save the temporary access-list and did not save it to the configuration.
Here's where it currently stands.

Standard IP access list 10
    permit 10.10.10.0, wildcard bits 0.0.0.255 (250915 matches) check=27638
0
 
LVL 20

Accepted Solution

by:
RPPreacher earned 125 total points
ID: 18763801
Block port 5190 (AIM)
Block IP ranges 67.134.143.0 - 67.134.143.255

The access-list should look like this

access-list 101 deny tcp any any eq 5190
access-list 101 deny ip any 67.134.143.0 0.0.0.255
access-list 101 permit ip any any
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:ComNetPlus
ID: 18763934
What IP is subnet 67.134.143.0?
When I ping www.myspace.com I receive IP 216.178.38.131.
0
 
LVL 20

Expert Comment

by:RPPreacher
ID: 18763995
I went to arin.net
myspace.com owns 67.134.143.0/24.
0
 

Author Comment

by:ComNetPlus
ID: 18764266
I don't fully understand why, but I had to have both entries to be effective.

access-list 101 deny tcp any any eq 5190
access-list 101 deny ip any 67.134.143.0 0.0.0.255
access-list 101 deny ip  any 216.178.38.0 0.0.0.255
access-list 101 permit ip any any

Anyway it all now works and blocks myspace.

Thanks,
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Article by: rfc1180
The Maximum Segment size (MSS) is an important consideration when troubleshooting connectivity via the Internet/Intranet. As the packets are routed via the Internet/Intranet, the packets must traverse through multiple routers in the path between two…
Article by: Ahmedn1
Introduction Some developers today tend to use Skypekit in their applications to make it more interactive with the user. Skype API is very awesome indeed but the problem is it is only available in C++, Java and Python. I can't understand why Micr…
The goal of the tutorial is to teach the user how to instant message and make a video call in Skype.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now