You are not going to be able to block Yahoo Instant messenger or any of the latest instant messenging programs by port. They pretty much all have the ability to scan for and use any available port if the default port is not available. The only way to block them is to sit down and do nslookups for all of the possible IP addresses and block it by IP address.
You cannot block any of the instant messenger programs today by port. They all have the ability scan for and use an open port. What I have done is install and use all of these programs and watch the logs to get the IP addresses they all use. I don't have my list handy but, I will try and post it tonight. I block all of the popular ones, AIM, Yahoo, MS and ICQ. There are quite a few addresses and all any of them have to do is move the server to another IP and you have to start the game all over again.
As my understanding, tracing all the IP addresses is time-consuming. I wish to have all the addresses for well-known Instant Messager from you. Can I? You can send them through my email address firstname.lastname@example.org. Thanks.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...