purohit_810 Tue, 08/28/2007 - 12:44

object-group service MSN_Messenger_tcp tcp

> description MSN Messenger tries to use these ports

> port-object eq www

> port-object eq 1863

> port-object eq 7001

>

> object-group network MSN_Messenger_hosts

> description hosts that MSN Messenger lives on

> network-object 65.54.195.0 255.255.255.0

> network-object 65.54.225.0 255.255.255.0

> network-object 65.54.226.0 255.255.254.0

> network-object 65.54.228.0 255.255.254.0

> network-object host 65.54.240.61

> network-object host 65.54.240.62

> network-object 207.46.104.0 255.255.252.0

> network-object 207.46.108.0 255.255.255.0

> network-object 207.68.171.0 255.255.255.0


access-list acl-inside deny tcp any object-group MSN_Messenger_hosts

> object-group MSN_Messenger_tcp



Put above configuration to block live massanger.



If you would block USERNAME for some user follow following URL:

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/inspect.html


Regards,

Dharmesh Purohit


Actions

This Discussion