cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
325
Views
0
Helpful
2
Replies

Blocking Messenger through Accesslists

nandurisrini
Level 1
Level 1

Hi Friends ,

I need to Block all the Messenger Services through Access Lists. Can any one let me Know Concerned TCP Ports for Messenger & Chat Services for Yahoo,MSN,AOL,...etc

Rgds

Srini

2 Replies 2

jmia
Level 7
Level 7

Hi Srini -

Use ACL's to block the required services:

If you would like to block AOL Instant Messenger with another firewall, then you have to block 2 things: the port on which AIM operates, port 5190, and/or the server to which the majority of all AIM clients connect: login.oscar.aol.com.

If you would like to block ICQ with another firewall, then you have to block 2 things: the port on which it operates, port 5190, and/or the server to which the majority of all ICQ clients connect: login.oscar.aol.com.

Blocking MSN Messenger is pretty easy,

TCP Port 1863

IP Range 64.4.13.0/24

Blocking Yahoo Messenger is not as easy as blocking other pieces of software. You see, Yahoo has their servers seperated out across various IPs, and you can't just do a range block, for risk of making parts of Yahoo disappear from your users browsers. So, to block Yahoo Messenger, you must block these 2servers by DNS address, not range,

cs.yahoo.com

scsa.yahoo.com

Hope this helps--

If the ports are consistant for the chat services, wouldn't it be simpler to just block the port and not specify a host. Unless the port is used by other applications that would need to go through your firewall or router access-list there would be no reason to leave that port open.

HTH

Review Cisco Networking for a $25 gift card