manu
Jul 24 2003, 08:51 AM
Hi friends
I am using Widows 2000 Small Business Server... I have installed ISA server. I could not block Yahoo Messenger with it.. Could anybody help me to block or Control instant messengers like Yahoo, with ISA..?..
Have a nice day
Manu
Maffuster
Jan 9 2004, 06:44 PM
Well...there are difficulties doing this..
| QUOTE |
Yahoo! Messenger runs a variety of services on several ports. Yahoo! Messenger typically listens for peer-to-peer requests on port 5101/TCP and client-to-server communications on 5050/TCP, but is not limited to these ports. Users can attempt to implement a firewall to block inbound and outbound access to port 5101/TCP, 5050/TCP, or any other port(s) that Yahoo! Messenger chooses to bind a service. However, the Yahoo! Messenger client will attempt to connect to the server through ports 20, 21, 25, 37, 80, and 119 if 5050 is blocked, therefore this may not be a viable nor practical solution for most sites.
|
The problem here is the fact that it'll use port 80 if the rest of the ports are blocked. Since your users will also more than likely be trying to surf the web (which also contacts servers on port 80), you can't block one without the other.
However, if your users are using the Firewall client, you should be able to implement a rule on the server that denies access to the Yahoo! client.
coder
Jan 9 2004, 07:41 PM
you could attempt to block access to certain IP ranges, possibly those used as Yahoo IM Servers? Not only does the latest yahoo client use port 80 (if necessary) it can also make the yahoo connection in HTTP requests (as to bipass most network firewalls).
i believe that blocking either the client or the server(s) is the only affective way to do this, cause any generalized security measures may affect users' performance in nagative manner.
shaider
Mar 2 2004, 06:10 AM
| QUOTE (coder @ Jan 9 2004, 07:41 PM) |
you could attempt to block access to certain IP ranges, possibly those used as Yahoo IM Servers? Not only does the latest yahoo client use port 80 (if necessary) it can also make the yahoo connection in HTTP requests (as to bipass most network firewalls).
i believe that blocking either the client or the server(s) is the only affective way to do this, cause any generalized security measures may affect users' performance in nagative manner. |
Hello....
How can i bypass our server????
I can't view my friends webcam when using yahoo messenger and i can't use my headphone because of this thing....
hope you can help me guys....
-Anders
Mar 2 2004, 03:31 PM
| QUOTE (manu @ Jul 24 2003, 09:51 AM) |
Hi friends
I am using Widows 2000 Small Business Server... I have installed ISA server. I could not block Yahoo Messenger with it.. Could anybody help me to block or Control instant messengers like Yahoo, with ISA..?..
Have a nice day
Manu |
I'm not all too sure as to how up-to-date this tool is, but you might want to give it a
try, and see if it works for you.
This is windows-only as far as I can tell, but it does say something about novell and UNIX.
But give it a shot, it might prove to be worth it.
B1narypro
Mar 8 2004, 02:47 PM
Since these programs are dynamically running on different ports such as 80 you really can't block that port since http protocol is running on it. The best way is getting an application gateway which screens packets by looking at all of the information contained within the packet, including both the IP header and data portion. Also you can create a rule that allows traffic based on file extensions. Usually these instant messengers have a certain file extension that they use, for instance .dll, if you block that extension then bye bye instant messenger and it doesn't matter what port they use.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.
