I am trying to block access to all messenger from within our network and I have the following questions:
1. Can I block using names of servers for eg login.osacar.aol.com
2.If I block ip traffic , I am sure to block tcp, udp adn icmp. Please confirm
3. Applying access lists to inside interface is enough or should I consider applying them on the outside as well.
Finally are these enough :
for msn
access-list acl_in deny ip any any eq 1863
access-list acl_in deny ip any 64.4.13.0 255.255.255.0
for aol
access-list acl_in deny ip any any eq 5190
and all IP's resolving to IP host login.oscar.aol.com. which I find by doing netstat
for yahoo
block IP's found by doing netstat for cs.yahoo.com, sca.yahoo.com, msg.edit.yahoo.com