Block messengers but allow virtual advisor

vikrantarora · ‎03-06-2003

i have pix firewall up and running. the organization i work for wants to have a virtual advisor for employees which would answer questions in real time as in a chat program. now my concern is:

I want to block yahoo, aol , msn icq and other messenger but still have our virtual advisor functional.

Basically i am looking for blocking via 2 methods:

1.IP addresses ( in this case i need a lsit of all chat server ip addresses)

2.service (which would save me the effort of typing in all teh ip addresses but still have the real time chat with virtual advisor possible.

Thanks in advance

gfullage · ‎03-06-2003

It's not possible to simply block some of these IM programs just by port number, since they'll use port 80 or random ports to get a connection. One method to block them is as follows (note this information is readily available on the Internet and can be found easily from any search engine):

For Messenger:

TCP Port 1863

IP Range 64.4.13.0/24

For Yahoo:

Blocking Yahoo Messenger is not as easy as blocking other pieces of software. Yahoo has their

servers seperated out across various IPs, and you can't just do a range block, for risk of making parts

of Yahoo disappear from your users browsers. So, to block Yahoo Messenger, you must block these 2 servers:

cs.yahoo.com

scsa.yahoo.com

But do an nslookup on them first as they each have about 8 addresses that round-robin, so you'll have

to block each individual IP address.

For AOL and ICQ:

TCP/UDP port 5190

IP host login.oscar.aol.com (do an nslookup on it)

Now, I have no idea what ports this virtual advisor you mention uses, so you'll need to figure out if blocking any of the above will block this program.