Firewall/NAT

Hi all,

can some one please tell me how to block MSN and Windows Live messenger, i have tried doing this and can not get it to work i block a couple of ports in the firewall and i can still login . i need this blocking as its slowing our network down.

Please can some explain how to do it or just the ports i need to block and where to put them.

Thanks

http://www.portforward.com/cports.htm

guck ma, da stehen ports. vllt sinds die.

I am fairly sure that you will not be able to bock this without disrupting other traffic, as it can still go over http, so you would have to block all traffic.  I believe that the only way to effectively block it is with a proxy.  Microsoft publish this article http://support.microsoft.com/kb/925120 which explains how to do it in ISA server.  I have found the following entry on a blog page at http://blogs.techrepublic.com.com/networking/?p=308 which explains how to do it with Squid.

I’ve been looking for a simple and reliable way of blocking MSN Messenger without stopping Windows Update from doing its job. After trying to refine blocking based on both IP address and hostname, I decided that the only way to reliably block it is using the mime type tag and HTTP gateway using Squid. I found reference to the tag application/x-msn-messenger while reading a Microsoft KB article that describes blocking MSN Messenger with ISA Server 2000. Squid gives the ability to block based on MIME type and request content using access control lists (acls).

If you’re already running all of your Web traffic through a Squid proxy server, then updating your configuration to block Messenger is as simple as adding four lines to the Squid.conf file:

acl msnmime req_mime_type ^application/x-msn-messenger

acl msngw url_regex -i gateway.dll

http_access deny msnmime

http_access deny msngw

hope this helps.

Mark.

Is this in a Domain environment?  If so, I would recommend using Group Policy to disable the IM client.

Also, if the MSN client is the source of network slowdowns it should raise alarms.  Either you have insufficient bandwidth for the low bandwidth portion of MSN (IM, notices, etc.), or your users are sending large files around via MSN (note that these files may or may not be business related).  If it's the latter then users will find other ways of sending these large files.  Via HTTP uploads, FTP, or EMAIL and the bandwidth issue will still be there.

I would recommend doing some research into this to see why the slowdowns are actually occurring, and look at providing alternatives which you can control.  (EMAIL or FTP may be viable as you can throttle).

only put this rule in LAN

action deny TCP  *  *  207.46.0.0/16  *  restringir messenger   

good look