[nsp] blocking Msn messenger on PIX

Mark Tinka mtinka at africaonline.co.sz
Tue Jul 13 10:07:03 EDT 2004


On Tuesday 13 July 2004 15:36, Paul Stewart wrote:
> Unfortunately doesn't work unless you block port 80 as well and you
> probably don't want to do that...  MSN messenger will default to TCP/80
> when it can't reach 1863.  What I ended up doing at a few sites that had
> their own internal DNS was creating entries for messenger.msn.com (double
> check that - it may have changed) to point to 127.0.0.1 therefore it
> couldn't login at all.... Worked like a dream....

But this would work best if the site doesn't want 'everyone' using MSN. What 
about if only 10% of all staff are authorised to use it?

The other issue is a smart user will simply use another name server somewhere 
on the global Internet, or at the ISP, for resolution, especially if they are 
sharp enough to ping 'messenger.msn.com' and see the resolved IP = 
127.0.0.1 :).

But then again, those would be fewer cases, I guess.

Mark.

>
> Paul
>
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Richard Danielli
> Sent: Tuesday, July 13, 2004 8:15 AM
> To: Muhammad Talha
> Cc: Cisco NSP
> Subject: Re: [nsp] blocking Msn messenger on PIX
>
>
> Try blocking outgoing TCP/1863 and UDP/7001
>
> On Tue, 2004-07-13 at 07:50, Muhammad Talha wrote:
> > Dear all
> >
> > how can i block msn messenger on PIX firewall
> >
> > Regards
> >
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
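
An added example, not part of the thread or written by any of its posters: a log check for the two gaps raised above, clients that bypass the internal DNS override by querying an outside name server, and MSN connections on TCP/1863 from hosts outside an authorised subset. The log layout, addresses and host lists are constructed assumptions.

```python
import ipaddress

# Assumptions (not from the thread): all addresses and the log layout
# "timestamp src dst proto dport" are constructed for illustration.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
INTERNAL_RESOLVERS = {"10.0.0.53"}   # the only name server clients should query
MSN_AUTHORISED = {"10.0.1.10"}       # the subset of staff allowed to use MSN
MSN_PORT = ("tcp", 1863)             # port named in the thread

SAMPLE_LOG = """\
2004-07-13T10:00:01 10.0.1.10 10.0.0.53 udp 53
2004-07-13T10:00:02 10.0.1.10 192.0.2.25 tcp 1863
2004-07-13T10:00:05 10.0.1.77 198.51.100.1 udp 53
2004-07-13T10:00:06 10.0.1.77 192.0.2.25 tcp 1863
2004-07-13T10:00:09 10.0.1.88 10.0.0.53 udp 53
2004-07-13T10:00:11 10.0.0.53 198.51.100.1 udp 53
malformed line
"""

def parse(line):
    """Return (ts, src, dst, proto, port) or None for an unparsable line."""
    parts = line.split()
    if len(parts) != 5:
        return None
    ts, src, dst, proto, port = parts
    try:
        return (ts, ipaddress.ip_address(src), ipaddress.ip_address(dst),
                proto.lower(), int(port))
    except ValueError:
        return None

def find_violations(log_text):
    """Flag DNS sent past the internal resolver and unauthorised MSN use."""
    findings = []
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None or rec[1] not in INTERNAL_NET:
            continue
        ts, src, dst, proto, port = rec
        src_s, dst_s = str(src), str(dst)
        if port == 53:
            # The resolver itself may recurse outward; clients may not.
            if src_s not in INTERNAL_RESOLVERS and dst_s not in INTERNAL_RESOLVERS:
                findings.append((ts, src_s, "external-dns", dst_s))
        elif (proto, port) == MSN_PORT and src_s not in MSN_AUTHORISED:
            findings.append((ts, src_s, "msn-unauthorised", dst_s))
    return findings
```

The port check does not cover the TCP/80 fallback mentioned in the thread; that traffic is indistinguishable from web browsing at this layer.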

