Linksys → Bolcking instant messengers

Is there a specific port range that I can block on my bfsr41 to prevent connections to AOL, MSN, ICQ, and Yahoo messengers?

I am sick of people using my public terminal for instant messaging, and would like to stop it if at all possible. I would like to prevent the downloading of the apps all together. If that is not possible, I would at least like to prevent people from connecting. Even if the app is installed.

Any help would be appreciated.

Thanks,
Jet

you can try blocking them entirely from using your internet connection.

said by nestrapez:

---

you can try blocking them entirely from using your internet connection.

---

I need regular internet access to the computers. I just want to abolish the IM connections so even if the software is on the computer, they will not connect and be prohibited from using the programs.

I just thought that there may be a specific port range that I can block with the router, that would not allow the apps to connect to the needed ports/servers.

Thanks,

Jet

MSN Messenger uses TCP port 1864.

said by plop_____:

---

MSN Messenger uses TCP port 1864.

---

Thank you!

Can I prevent the app from running/connecting by just blocking that port?

Jet

Here are the ports to block:

AIM, ICQ: 5190
MSN: 1863
Yahoo!: 5050

That will do the job but keep in mind that Yahoo! can also connect on port 80 so they may get around it that way.

Thanks Lanik, You the man!

I knew you would know.

Jet

Yeah I have them all, I made a correction for MSN after verifying. Just block the outbound traffic and you'll cut them off.

Thank you Lanik!

I owe you one!

Jet

P.S. I have been using a few of those NFS backgrounds lately, lol.

If 5050 is not available Yahoo will try also these ports: 20,23,25,80,119,5050,8001,8002
If I remember correctly AIM can run on several other ports too.

said by Brano:

---

If 5050 is not available Yahoo will try also these ports: 20,23,25,80,119,5050,8001,8002
If I remember correctly AIM can run on several other ports too.

---

Do you happen to know what those other ports that aol uses are?

Thanks,

Jet

No, sorry I don't run it, but I believe it's in the help once you have installed it (or somewhere in preferences).

You aren't going to be successfull blocking ports. The reason why is because both Yahoo! and AOL Instant Messanger can use port 80 which is the WWW port.

If you block 80 outbound, then you're also blocking WWW surfing which obviously you don't want to do.

Yahoo! IM and AIM will scan your system and try to establish a connection on a number of ports, 80 being one of them. So unless you block them all including port 80, blocking ports will not work.

You need to find another solution such as user accounts with a domain or something similar to block the application from running at all.
[text was edited by author 2003-03-18 08:43:34]

How about a software firewall? Could I possibly block the apps from running that way?

Is there a program out there that can block specific apps from even being launched? Is there a way to prevent apps from being launched by adding registry enteries?

Any help would be appreciated.

Thanks,

Jet

as I just IM'ed Jet with this:

---

JET! I think I found a solution to people connecting to AIM!

Just add:
127.0.0.1 login.oscar.aol.com

to the HOSTS file located in \windows\system32\drivers\etc or possibly in \windows\ or \winnt\system32\drivers\etc

I just tried it out and I was unable to connect to any AIM service... It's worth a shot buddy.

---

I was unable to connect to AIM after doing that.

and I'm learning to be a win2k admin, but I'm not sure of exactly how policies work..

If someone else can walk you through it, you could always
start>run>gpedit.msc
then use it that way... Someone here is bound to have their MCP or higher in Win2k or somethin like that.. (maybe take the whole thing over to the MS forum...)

The computers I need this on all run win98.

I dont think the group policy editor will work for me.

Jet

Instead of putting those ports on lockdown, try blocking setting up a rule to block the IP addresses of the MSN, Yahoo, AIM, ICQ, etc. servers. I used to work for a company that tried to block the ports but all we had to do was go into the AIM settings and it would auto browse until it found an outgoing port to connect on. Just connect to the services and then run good old netstat and you will see the remote IP addresses of those servers. There are also some GUI programs that will make the whole netstat utility real purdy!

A software firewall would also work, I know that even in the personal version of ZoneAlarm you can block access from specific applications. Your hardware firewall won't know what applications are asking for access, but your computer will!