ebreniz Tue, 04/10/2007 - 06:34

In order to block connectivity to IM services, use Access Control Lists (ACLs) in order to block the ports that these clients use. This is a list of generic ports used with the messaging services currently available:

Common ports

Internet Relay Chat (IRC) - TCP 6667 and 6660 through 6670 (the default being 6667)

Common IRC - TCP 6665 through 6669

AOL Intern ICQ - TCP 5190, dyn greater than or equal to 1024

AOL Instant Messenger - TCP and User Datagram Protocol (UDP) 5190 through 5193

MSN - TCP 1863

Yahoo Voice Chat - TCP 5000 and 5001, and UDP 5000 through 5010

This is an example of an ACL that blocks the MSN traffic on the PIX outbound, while it permits all other traffic:

access-list block-msn deny tcp any any eq 1863

access-list block-msn permit ip any any

access-group block-msn in interface inside

Yahoo Messages - TCP 5050

Yahoo Webcams - TCP 5100
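
The same approach extended to every fixed port in the list above, as an added example that is not part of the original post. It assumes a PIX release that supports object groups and ACL remarks (6.3 or 7.x); the names block-im, im-tcp and im-udp are made up for illustration. The dynamic ICQ ports (1024 and above) are left out because a port ACL cannot match them without blocking most other outbound traffic.

```cisco
object-group service im-tcp tcp
 description Added example: TCP ports from the list in this post
 port-object range 6660 6670
 port-object range 5190 5193
 port-object eq 1863
 port-object range 5000 5001
 port-object eq 5050
 port-object eq 5100
object-group service im-udp udp
 description Added example: UDP ports from the list in this post
 port-object range 5190 5193
 port-object range 5000 5010
access-list block-im remark Added example: deny listed IM ports, permit the rest
access-list block-im deny tcp any any object-group im-tcp
access-list block-im deny udp any any object-group im-udp
access-list block-im permit ip any any
access-group block-im in interface inside
```

Only one ACL can be bound to an interface per direction, so this access-group replaces block-msn on the inside interface rather than adding to it. Running show access-list block-im after some traffic has passed shows per-line hit counts, which confirms which deny entries are matching.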

