Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Firewalls
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Blocking IM

from [Jeff Britton, Monitored Security] Network Security [Permanent Link]
Subject: RE: Blocking IM
Date: Wed, 7 Dec 2005 13:19:45 -0000 
If you're using the SurfControl product for ISA, there isn't much capability to 
block based on application, but you should be able to block by port through ISA 
itself.  I found the following about Yahoo IM below...
 
Another workaround I found useful was making the Yahoo IM exe an unwanted 
program through your AV product.  (Capabilities will vary of course)

Yahoo! Messenger services uses a variety of ports. 

Service         Ports   
Chat & Messenger        TCP Port 5050: Client Access only       
Insider/Room Lists      TCP Port 80: Client Access only         
File Transfer   TCP Port 80: Server Access.
Your ISP may block this port, as its used for web hosting.
You can change port in Messenger, Preferences, File Transfer.   
Voice Chat      UDP 5000-5010
TCP 5000-5001: Client Access
If UDP Fails, TCP will be used instead, see below.      
WebCam  TCP Port 5100: Client Access    
Super Webcam    TCP Port 5100: Server Access    
P2P Instant Messages    TCP Port 5101: Server Access
PMs between Buddys may not use the Yahoo! Server, but this is not a 
requirement.        

-----Original Message-----
From: Morales, David (Seta) [mailto:David_Morales@onr.navy.mil]
Sent: Tuesday, December 06, 2005 2:51 PM
To: firewalls@securityfocus.com
Cc: Amiryar, Edris (Seta)
Subject: Blocking IM



We are blocking IM at the Firewall (juniper 5200) and through Surf-control (Web 
Filtering product, but we are still able to connect to Yahoo IM. Has anyone 
been able to do this successfully? And, does anyone have a list of ports to 
block so we cannot get to this IM?

Thanks in advance,

David Morales

moraled@onr.navy.mil

GIF image

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: securing Oracle tnslistener on firewall., Damien Dinh
Next by Date:  RE: Tool for to test firewall, Tony Haywood
Previous by Thread:  Re: Blocking IM, Fco. Jose Garrido Matamoros
Next by Thread:  RE: Blocking IM, Jay Archibald
Indexes:  [Date] [Thread] [Top] [All Lists]