Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Blocking Messenger through Accesslists

Hi Friends ,

I need to Block all the Messenger Services through Access Lists. Can any one let me Know Concerned TCP Ports for Messenger & Chat Services for Yahoo,MSN,AOL,...etc

Rgds

Srini

2 REPLIES
Gold

Re: Blocking Messenger through Accesslists

Hi Srini -

Use ACL's to block the required services:

If you would like to block AOL Instant Messenger with another firewall, then you have to block 2 things: the port on which AIM operates, port 5190, and/or the server to which the majority of all AIM clients connect: login.oscar.aol.com.

If you would like to block ICQ with another firewall, then you have to block 2 things: the port on which it operates, port 5190, and/or the server to which the majority of all ICQ clients connect: login.oscar.aol.com.

Blocking MSN Messenger is pretty easy,

TCP Port 1863

IP Range 64.4.13.0/24

Blocking Yahoo Messenger is not as easy as blocking other pieces of software. You see, Yahoo has their servers seperated out across various IPs, and you can't just do a range block, for risk of making parts of Yahoo disappear from your users browsers. So, to block Yahoo Messenger, you must block these 2servers by DNS address, not range,

cs.yahoo.com

scsa.yahoo.com

Hope this helps--

New Member

Re: Blocking Messenger through Accesslists

If the ports are consistant for the chat services, wouldn't it be simpler to just block the port and not specify a host. Unless the port is used by other applications that would need to go through your firewall or router access-list there would be no reason to leave that port open.

HTH

78
Views
0
Helpful
2
Replies
CreatePlease login to create content