Solved

Blocking MSN / Yahoo Messenger

Posted on 2008-10-07
Last Modified: 2012-05-05
Hi,

Can anyone detail how I block both MSN & Yahoo Messenger on my PIX 501 running V6.3?

Thanks in advance
0
Question by:dt3itsteam
8 Comments
 
LVL 1

Assisted Solution

by:Cvif3v3r
Cvif3v3r earned 20 total points
ID: 22663654
This link tells you the Ports and IP addresses for MSN and Yahoo Instant Messenger. How to do it specifically on the Pix 500, I do not know, but I hope this helps at least.

http://www.windowsreference.com/security/how-to-block-yahoo-and-msn-messangers-in-a-firewall/
0
 
LVL 12

Assisted Solution

by:Pugglewuggle
Pugglewuggle earned 60 total points
ID: 22666124
You should be able to set up a default inspection rule to block this... the ASA has predefined rules in the ASDM that are designed to block certain kinds of traffic such as this and other things like BitTorrent and LimeWire... you just need to enable them.
If you go to the configuration tab in the ASDM and then go to firewall >> advanced you will find the inspection section... it should be fairly easy to set up blocking as the different items are listed by name.
Let me know if you have any questions! Cheers!
0
 
LVL 5

Accepted Solution

by:
devangshroff earned 45 total points
ID: 22667150
But these messengers keep on changing ports, so will the ASA block this?
0

 
LVL 1

Author Comment

by:dt3itsteam
ID: 22668142
Can someone post me the Cisco command lines for the required statements?
Many thanks!
0
 
LVL 5

Assisted Solution

by:devangshroff
devangshroff earned 45 total points
ID: 22668175
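! Regexes are defined globally, then referenced by name in the regex class-map
regex msnuser1 "booobs\@gmail.com"
regex msnuser2 "user\@hotmail.com"

class-map type regex match-any msn_exempt_list
 match regex msnuser1
 match regex msnuser2

! Matches MSN sessions whose login name is in the list above
class-map type inspect im match-all MSN_BLOCK_CLASS
 description "blabla"
 match protocol msn-im
 match login-name regex class msn_exempt_list

policy-map type inspect im MSN_BLOCK_POLICY
 description "Policy blocking MSN IM"
 class MSN_BLOCK_CLASS
  drop-connection

! An inspect-type policy map is attached through a Layer 3/4 policy map;
! OUTSIDE_IM_POLICY is a name added here, inspection_default is the ASA default class
policy-map OUTSIDE_IM_POLICY
 class inspection_default
  inspect im MSN_BLOCK_POLICY

service-policy OUTSIDE_IM_POLICY interface outside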
0
 
LVL 12

Expert Comment

by:Pugglewuggle
ID: 22671860
booobs@gmail.com? Are you crazy devangshroff?
While these commands will work, that's awesomely funny! What's up with that? :-P
0
 
LVL 12

Assisted Solution

by:Pugglewuggle
Pugglewuggle earned 60 total points
ID: 22671882
One other thing - that only blocks IM for booobs@gmail.com and user@hotmail.com...
You need to have a wildcard regular expression.
Here is the Cisco article on Regular Expressions.
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080940e04.shtml
Let me know if you have any questions!
Cheers!
0
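
The wildcard match described in the post above, as an added example that is not part of the original thread: one inspect class covers both MSN and Yahoo and matches every login name instead of two listed users. The names IM_ANY_LOGIN, IM_ALL_CLASS and IM_BLOCK_POLICY are made up for illustration, and the block assumes an ASA or PIX release that has the `inspect im` command and still carries the default `global_policy` and `inspection_default`; PIX 6.3 has no class-map or policy-map commands.

```cisco
! Added example: IM_ANY_LOGIN, IM_ALL_CLASS and IM_BLOCK_POLICY are made-up names.
! Assumes the default global_policy / inspection_default are still in the config.

! Wildcard: one or more of any character, so every login name matches
regex IM_ANY_LOGIN ".+"

! Both protocols in one class; the login-name match now covers all users
class-map type inspect im match-all IM_ALL_CLASS
 match protocol msn-im yahoo-im
 match login-name regex IM_ANY_LOGIN

policy-map type inspect im IM_BLOCK_POLICY
 description "Drop MSN and Yahoo IM for every login"
 class IM_ALL_CLASS
  drop-connection log

! Attach the IM policy to the Layer 3/4 policy that is applied globally
policy-map global_policy
 class inspection_default
  inspect im IM_BLOCK_POLICY

service-policy global_policy global
```

Removing the `match login-name` line leaves a class that matches on protocol alone, which also covers every user; `show service-policy` lists the policies that are active after the change.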
 
LVL 12

Assisted Solution

by:Pugglewuggle
Pugglewuggle earned 60 total points
ID: 22672034
Oh - check this out - here is a screenshot from my ASDM - there is a default rule for blocking MSN Messenger, Yahoo Messenger, and lots of other things.
Just activate these policies. No need for booobs or devangshroff's commands. Lol.
Cheers! Let me know if you have any questions!

Untitled.jpg
0
