854
Views
0
Helpful
0
Comments
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
06-22-2009 04:07 PM - edited 03-08-2019 06:13 PM
Core issue
MSN changes the ports dynamically. The access-list command can block the traffic to all the IP addresses and port numbers on which MSN works, in order to block all the connections to that site. The access-list command blocks the connections to the MSN site from the inside to the outside through the PIX Firewall.
Resolution
In order to block access to MSN messenger (instant messaging), try these commands:
- access-list block-msn deny tcp any any eq 1863
- access-list block-msn deny tcp any host 65.54.239.80 eq www
- access-list block-msn deny tcp any host 65.54.239.81 eq www
- access-list block-msn deny tcp any host 207.68.178.61 eq www
- access-list block-msn deny tcp any host 207.46.3.4 eq www
- access-list block-msn deny tcp any host 65.54.183.202 eq www
- access-list block-msn deny tcp any host 207.46.96.142 eq www
- access-list block-msn permit ip any any
- access-group block-msn in interface inside
Note: The IP addresses given are those of the MSN messenger servers IP addresses on port TCP 80.
Labels: