?
Solved

Blocking MSN / Yahoo Messenger

Posted on 2008-10-07
8
Medium Priority
?
1,526 Views
Last Modified: 2012-05-05
Hi,

Can anyone details how I block both MSN & Yahoo Messenger on my PIX 501 running V6.3

Thanks in advance
0
Comment
Question by:dt3itsteam
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 1

Assisted Solution

by:Cvif3v3r
Cvif3v3r earned 80 total points
ID: 22663654
This link tells you the Ports and IP addresses for MSN and Yahoo Instant Messenger. How to do it specifically on the Pix 500, I do not know, but I hope this helps at least.

http://www.windowsreference.com/security/how-to-block-yahoo-and-msn-messangers-in-a-firewall/
0
 
LVL 12

Assisted Solution

by:Pugglewuggle
Pugglewuggle earned 240 total points
ID: 22666124
You should be able to setup a default inspection rule to block this... the ASA has predefined rules in the ASDM that are designed to block certain kinds of traffic such as this and other things like bittorrent and limewire... you just need to enable them.
If you go to the configuration tab in the ASDM and the go to firewall >> advanced you will find the inspection section... it should be fairly easy to setup blocking as the different items are listed by name.
Let me know if you have any questions! Cheers!
0
 
LVL 5

Accepted Solution

by:
devangshroff earned 180 total points
ID: 22667150
but these mesanger keep on changeing port , so will ASA will block this.
0
Need protection from advanced malware attacks?

Look no further than WatchGuard's Total Security Suite, providing defense in depth against today's most headlining attacks like Petya 2.0 and WannaCry. Keep your organization out of the news with protection from known and unknown threats.

 
LVL 1

Author Comment

by:dt3itsteam
ID: 22668142
Can someone post me the Cisco command lines for the required statements?
Many thanks!
0
 
LVL 5

Assisted Solution

by:devangshroff
devangshroff earned 180 total points
ID: 22668175
class-map type regex match-any msn_exempt_list
match regex msnuser1 "booobs\@gmail.com"
match regex msnuser2 "user\@hotmail.com"

class-map type inspect im match-all MSN_BLOCK_CLASS
description "blabla"
match protocol msn-im
match login-name regex class msn_exempt_list

policy-map type inspect im MSN_BLOCK_POLICY
description "Policy blocking MSN IM"

class MSN_BLOCK_CLASS
drop-connection

service-policy MSN_BLOCK_POLICY interface outside
0
 
LVL 12

Expert Comment

by:Pugglewuggle
ID: 22671860
booobs@gmail.com? Are you crazy devangshroff?
While these commands will work, that's awesomely funny! What's up with that? :-P
0
 
LVL 12

Assisted Solution

by:Pugglewuggle
Pugglewuggle earned 240 total points
ID: 22671882
One other thing - that only blocks IM for booobs@gmail.com and user@hotmail.com...
You need to have a wildcard regular expression.
Here is the Cisco article on Regular Expressions.
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080940e04.shtml
Let me know if you have any questions!
Cheers!
0
 
LVL 12

Assisted Solution

by:Pugglewuggle
Pugglewuggle earned 240 total points
ID: 22672034
Oh - check this out - here is a screenshot from my ASDM - there is a default rule for blocking MSN Messenger, Yahoo Messenger, and lots of other things.
Just activate these policies. No need for booobs or devangshroff's commands. Lol.
Cheers! Let me know if you have any questions!

Untitled.jpg
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses
Course of the Month13 days, 22 hours left to enroll

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question