RE: MSN Messenger blocking
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 18 Nov 2004 09:34:32 -0600
Hi Steven,
Send me a note and I'll send you the .xml file to the Access Rule I
created that blocks Messenger 6.2 with a single rule. The only site I
needed to block was *.messenger.msn.com and the only protocol I needed
to block was TCP 1863 (MSN Messenger protocol).
HTH,
Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
-----Original Message-----
From: Steven Andreca [mailto:sandreca@xxxxxxxx]
Sent: Thursday, November 18, 2004 9:32 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: MSN Messenger blocking
http://www.ISAserver.org
Evrika! I figured it out. (Yes, all my users use both the WEB Proxy and
Firewall Client. And I am not providing a default gateway in the DHCP
lease).
The only (known by me) way to block MSN Messenger 6.2 (NOT the Windows
Messenger 4.7 built in XP) is to block any of the following 2 (I blocked
both, just in case):
1. 207.46.104.20
2. 207.46.110.1 to 207.46.110.254
Blocking any of the above will block the MSN Messenger but NONE of the
following will do it:
1. Blocking the ISA Server's (2004) pre-defined Instant Messaging
protocols.
2. Blocking names like *.messenger.msn.com , messenger.hotmail.com ,
gateway.moswest.msn.net , etc.
3. Editing the Firewall Client application settings (article:
http://www.isaserver.org/tutorials/How_to_Block_Dangerous_Instant_Messen
gers_Using_ISA_Server.html).
(The executable name for MSN Messenger is msnmsgr.exe).
4. Blocking the 64.4.0.0 to 64.4.63.255 range. I don't know where I got
this but it's totally wrong. It does not block MSN msgr but DOES block
Hotmail and Windows Updates.
5. Blocking Windows Messenger through Group Policy.
Most of the known methods address the Windows Messenger, not the MSN
Messenger 6.2 (and probably the upcoming 7). Microsoft really wants
people
to be able to get hooked on that stupid chat no matter what firewalls
might be in their way. My Management however doesn't and I also agree
that
this is not just a security hole but a huge waste of time.
I just hope that MS will not change the IPs very often.
Cheers,
Steven
PS Tom, is that ISA 2004 book ever coming out? (-:
I get a link to Amazon with every ISA newsletter but it always says it's
out of stock. I don't really want the hard copy, the electronic version
is
best. Thanks.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
