By default Terminal Server and Windows 2000 Terminal Services uses TCP port 3389 for client connections.
VNC uses default ports of TCP 5800 and 5900. It supports the virtual screen number concept of X Windows, which means these ports apply to screen #0. Screen #1 would be at ports 5801 and 5901.
So as for your requirement, permit the above specific ports and any others that you may need in the acl and deny eveything else.
OR
Explicitly deny port 80 and allow everything else which will include the above ports. More info on ACLs on the below url.
http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00800a5b9a.shtml
Thanks,
yatin