ebreniz Tue, 04/10/2007 - 06:34

To block connectivity to IM services, use Access Control Lists (ACLs) to block the ports that these clients use. This is a list of generic ports used by the messaging services currently available:


Common ports


Internet Relay Chat (IRC) - TCP 6667 and 6660 through 6670 (the default being 6667)



Common IRC - TCP 6665 through 6669



AOL Intern ICQ - TCP 5190, dyn greater than or equal to 1024



AOL Instant Messenger - TCP and User Datagram Protocol (UDP) 5190 through 5193



MSN - TCP 1863



Yahoo Voice Chat - TCP 5000 and 5001, and UDP 5000 through 5010


This is an example of an ACL that blocks the MSN traffic on the PIX outbound, while it permits all other traffic:


access-list block-msn deny tcp any any eq 1863

access-list block-msn permit ip any any

access-group block-msn in interface inside

Yahoo Messages - TCP 5050



Yahoo Webcams - TCP 5100
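
The same approach extended to every fixed port listed in this post, as an added example that is not part of the original post. The ACL name block-im is an assumption, and the dynamic ICQ ports (1024 and above) are left out because they cannot be matched by a fixed port rule.

```cisco
access-list block-im remark IRC - TCP 6660 through 6670
access-list block-im deny tcp any any range 6660 6670
access-list block-im remark ICQ and AOL Instant Messenger - TCP and UDP 5190 through 5193
access-list block-im deny tcp any any range 5190 5193
access-list block-im deny udp any any range 5190 5193
access-list block-im remark MSN - TCP 1863
access-list block-im deny tcp any any eq 1863
access-list block-im remark Yahoo Voice Chat - TCP 5000 and 5001, UDP 5000 through 5010
access-list block-im deny tcp any any range 5000 5001
access-list block-im deny udp any any range 5000 5010
access-list block-im remark Yahoo Messages - TCP 5050
access-list block-im deny tcp any any eq 5050
access-list block-im remark Yahoo Webcams - TCP 5100
access-list block-im deny tcp any any eq 5100
access-list block-im remark Permit all other traffic
access-list block-im permit ip any any
access-group block-im in interface inside
```

Only one ACL can be bound to an interface in a given direction, so this access-group statement takes the place of the block-msn binding shown earlier. After applying it, show access-list block-im displays a hit count for each entry, which shows which IM ports are being matched.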

