object-group service MSN_Messenger_tcp tcp
> description MSN Messenger tries to use these ports
> port-object eq www
> port-object eq 1863
> port-object eq 7001
>
> object-group network MSN_Messenger_hosts
> description hosts that MSN Messenger lives on
> network-object 65.54.195.0 255.255.255.0
> network-object 65.54.225.0 255.255.255.0
> network-object 65.54.226.0 255.255.254.0
> network-object 65.54.228.0 255.255.254.0
> network-object host 65.54.240.61
> network-object host 65.54.240.62
> network-object 207.46.104.0 255.255.252.0
> network-object 207.46.108.0 255.255.255.0
> network-object 207.68.171.0 255.255.255.0
access-list acl-inside deny tcp any object-group MSN_Messenger_hosts
> object-group MSN_Messenger_tcp
Put above configuration to block live massanger.
If you would block USERNAME for some user follow following URL:
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/inspect.html
Regards,
Dharmesh Purohit