[Off Topic] Blocking Yahoo Messanger

We have Cisco Pix Firewall also.
I was wondering how do you access the Pix Firewall configuration screens?

Mike Tonoyan / MIS Manager / All American Products Co.
E-mail: miket@...

----- Original Message -----
From: <mtrzaska@...>
To: <vantage@yahoogroups.com>
Sent: Tuesday, January 28, 2003 3:08 PM
Subject: [Vantage] Re: [Off Topic] Blocking Yahoo Messanger


> Were Using A Cisco Pix hardware based firewall/VPN through ciscos
> configuration screens blocking ports for IM is pretty darn easy i was
> suprised when we set it up over here. We basically have the ability
> to give only certain people (upper management) access to im's. Most
> I'm's as you know have specific ports that they use. On a software
> based firewall it may be a little harder. There was a message someone
> posted that gave a list of ip's that probably would work. Just a
> kudos for Cisco, Im glad we got rid of our crappy software based
> firewall (i.e. winroute pro)
Hello,



I am having a problem with people using Yahoo IM. Does anyone know what
port it uses. I want to block

It from at the firewall.



Best Regards,





Dina Hieber

Vamco International, Inc.

(412) 963-7100 Phone

(412) 963-9511 Fax





[Non-text portions of this message have been removed]
Good Luck,
We tried several different ways to block AOL IM and Yahoo IM. They now use
dynamic ports so its almost impossible to block. We finally had to threaten
to fire anyone who installed it on their system. One thing we did come up
with was we wrote an IF Exist line in our login script. If it found the AOL
or Yahoo files then it exited the Login script without mapping any drives.
When the user called us to complain, we told them it was because those two
programs had been installed. We could have also created a Winbatch file
that would have searched their system for the files so that a path would not
have to be specified. Of course this would slow down logins but wouldnt
have to be ran all the time.


Jeremy Leonard
IT Manager
K-T Corporation


-----Original Message-----
From: Dina Hieber [mailto:dhieber@...]
Sent: Tuesday, January 28, 2003 3:18 PM
To: vantage@yahoogroups.com
Subject: [Vantage] [Off Topic] Blocking Yahoo Messanger


Hello,



I am having a problem with people using Yahoo IM. Does anyone know what
port it uses. I want to block

It from at the firewall.



Best Regards,





Dina Hieber

Vamco International, Inc.

(412) 963-7100 Phone

(412) 963-9511 Fax





[Non-text portions of this message have been removed]


Useful links for the Yahoo!Groups Vantage Board are: ( Note: You must have
already linked your email address to a yahoo id to enable access. )
(1) To access the Files Section of our Yahoo!Group for Report Builder and
Crystal Reports and other 'goodies', please goto:
http://groups.yahoo.com/group/vantage/files/.
(2) To search through old msg's goto:
http://groups.yahoo.com/group/vantage/messages
(3) To view links to Vendors that provide Vantage services goto:
http://groups.yahoo.com/group/vantage/links

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
Yahoo Messenger can use any TCP port (it most commonly begins on port 5050,
then switches to 23 (telnet), 80 (www) and afterwards uses random ports)
which makes it difficult to block (even if the Outgoing-TCP service is
removed - because YIM attempts to use standard service ports). The easiest
way to block this traffic we have found thus far is to add the particular IP
address ranges which make up the domains `cs.yahoo.com', `csa.yahoo.com',
`csb.yahoo.com', and `csc.yahoo.com' to the blocked site list on the
Firebox. This essentially tells the Firebox to discard any traffic from
Yahoo's message login servers. When the connection to cs.yahoo.com fails,
the client attempts to connect to csa.yahoo.com, csa, csb, then
csc.yahoo.com. At the time of writing (Aug 15, 2001) these names all
resolved to the same set of IP addresses (just in a different order).
Therefore, it is only necessary to block the IP addresses of csc.yahoo.com
at this point. This will probably change, so when setting up the policies to
block yahoo Messenger it is important to do a current IP lookup of all of
these names (with nslookup or a similar utility).
Here is a list of the IP addresses comprised by the domain name
"csc.yahoo.com" as of August 15, 2001:
216.136.175.144, 216.136.175.142, 216.136.225.12, 216.136.224.213
216.136.225.83, 216.136.224.214, 216.136.226.118, 216.136.175.143,
216.136.225.11, 216.136.225.35, 216.136.225.36, 216.136.131.93,
216.136.175.145, 216.136.226.117, 216.136.225.84


Jim Carnes
Information Systems
Kenlee Precision Corporation
1700 Morrell Park Ave
Baltimore, MD 21230
410-525-3800 x132


-----Original Message-----
From: Dina Hieber [mailto:dhieber@...]
Sent: Tuesday, January 28, 2003 3:18 PM
To: vantage@yahoogroups.com
Subject: [Vantage] [Off Topic] Blocking Yahoo Messanger

Hello,



I am having a problem with people using Yahoo IM. Does anyone know what
port it uses. I want to block

It from at the firewall.



Best Regards,





Dina Hieber

Vamco International, Inc.

(412) 963-7100 Phone

(412) 963-9511 Fax





[Non-text portions of this message have been removed]




Yahoo! Groups Sponsor
ADVERTISEMENT

<http://rd.yahoo.com/M=244396.2846622.4218523.2848452/D=egroupweb/S=17050071
83:HM/A=1414307/R=0/*https://www.clearcredit.com/registration/default.asp?n=
b&cpID=c01888p1379&ckID=gen14628>


Useful links for the Yahoo!Groups Vantage Board are: ( Note: You must have
already linked your email address to a yahoo id to enable access. )
(1) To access the Files Section of our Yahoo!Group for Report Builder and
Crystal Reports and other 'goodies', please goto:
http://groups.yahoo.com/group/vantage/files/.
(2) To search through old msg's goto:
http://groups.yahoo.com/group/vantage/messages
(3) To view links to Vendors that provide Vantage services goto:
http://groups.yahoo.com/group/vantage/links

Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service
<http://docs.yahoo.com/info/terms/> .


[Non-text portions of this message have been removed]
Dina:

http://www.windowsecurity.com/articles/How_to_Block_Dangerous_Instant_Messen
gers_Using_ISA_Server.html


Jessee Holmes
Stremel Manufacturing Company

-----Original Message-----
From: Dina Hieber [mailto:dhieber@...]
Sent: Tuesday, January 28, 2003 2:18 PM
To: vantage@yahoogroups.com
Subject: [Vantage] [Off Topic] Blocking Yahoo Messanger


Hello,



I am having a problem with people using Yahoo IM. Does anyone know what
port it uses. I want to block

It from at the firewall.



Best Regards,





Dina Hieber

Vamco International, Inc.

(412) 963-7100 Phone

(412) 963-9511 Fax





[Non-text portions of this message have been removed]


Useful links for the Yahoo!Groups Vantage Board are: ( Note: You must have
already linked your email address to a yahoo id to enable access. )
(1) To access the Files Section of our Yahoo!Group for Report Builder and
Crystal Reports and other 'goodies', please goto:
http://groups.yahoo.com/group/vantage/files/.
(2) To search through old msg's goto:
http://groups.yahoo.com/group/vantage/messages
(3) To view links to Vendors that provide Vantage services goto:
http://groups.yahoo.com/group/vantage/links

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
If Using A Cisco Pix firewall getting the port or ports that yahoo
uses is fairly easy to block. If Using a software based programs then
the ip blocking as stated before should work.
--- In vantage@yahoogroups.com, "Jim Carnes" <jcarnes@k...> wrote:
> Yahoo Messenger can use any TCP port (it most commonly begins on
port 5050,
> then switches to 23 (telnet), 80 (www) and afterwards uses random
ports)
> which makes it difficult to block (even if the Outgoing-TCP service
is
> removed - because YIM attempts to use standard service ports). The
easiest
> way to block this traffic we have found thus far is to add the
particular IP
> address ranges which make up the domains `cs.yahoo.com',
`csa.yahoo.com',
> `csb.yahoo.com', and `csc.yahoo.com' to the blocked site list on the
> Firebox. This essentially tells the Firebox to discard any traffic
from
> Yahoo's message login servers. When the connection to cs.yahoo.com
fails,
> the client attempts to connect to csa.yahoo.com, csa, csb, then
> csc.yahoo.com. At the time of writing (Aug 15, 2001) these names all
> resolved to the same set of IP addresses (just in a different
order).
> Therefore, it is only necessary to block the IP addresses of
csc.yahoo.com
> at this point. This will probably change, so when setting up the
policies to
> block yahoo Messenger it is important to do a current IP lookup of
all of
> these names (with nslookup or a similar utility).
> Here is a list of the IP addresses comprised by the domain name
> "csc.yahoo.com" as of August 15, 2001:
> 216.136.175.144, 216.136.175.142, 216.136.225.12, 216.136.224.213
> 216.136.225.83, 216.136.224.214, 216.136.226.118, 216.136.175.143,
> 216.136.225.11, 216.136.225.35, 216.136.225.36, 216.136.131.93,
> 216.136.175.145, 216.136.226.117, 216.136.225.84
>
>
> Jim Carnes
> Information Systems
> Kenlee Precision Corporation
> 1700 Morrell Park Ave
> Baltimore, MD 21230
> 410-525-3800 x132
>
>
> -----Original Message-----
> From: Dina Hieber [mailto:dhieber@v...]
> Sent: Tuesday, January 28, 2003 3:18 PM
> To: vantage@yahoogroups.com
> Subject: [Vantage] [Off Topic] Blocking Yahoo Messanger
>
> Hello,
>
>
>
> I am having a problem with people using Yahoo IM. Does anyone know
what
> port it uses. I want to block
>
> It from at the firewall.
>
>
>
> Best Regards,
>
>
>
>
>
> Dina Hieber
>
> Vamco International, Inc.
>
> (412) 963-7100 Phone
>
> (412) 963-9511 Fax
>
>
>
>
>
> [Non-text portions of this message have been removed]
>
>
>
>
> Yahoo! Groups Sponsor
> ADVERTISEMENT
>
>
<http://rd.yahoo.com/M=244396.2846622.4218523.2848452/D=egroupweb/S=17
050071
>
83:HM/A=1414307/R=0/*https://www.clearcredit.com/registration/default.
asp?n=
> b&cpID=c01888p1379&ckID=gen14628>
>
>
> Useful links for the Yahoo!Groups Vantage Board are: ( Note: You
must have
> already linked your email address to a yahoo id to enable access. )
> (1) To access the Files Section of our Yahoo!Group for Report
Builder and
> Crystal Reports and other 'goodies', please goto:
> http://groups.yahoo.com/group/vantage/files/.
> (2) To search through old msg's goto:
> http://groups.yahoo.com/group/vantage/messages
> (3) To view links to Vendors that provide Vantage services goto:
> http://groups.yahoo.com/group/vantage/links
>
> Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service
> <http://docs.yahoo.com/info/terms/> .
>
>
> [Non-text portions of this message have been removed]
Were Using A Cisco Pix hardware based firewall/VPN through ciscos
configuration screens blocking ports for IM is pretty darn easy i was
suprised when we set it up over here. We basically have the ability
to give only certain people (upper management) access to im's. Most
I'm's as you know have specific ports that they use. On a software
based firewall it may be a little harder. There was a message someone
posted that gave a list of ip's that probably would work. Just a
kudos for Cisco, Im glad we got rid of our crappy software based
firewall (i.e. winroute pro)


--- In vantage@yahoogroups.com, "Leonard, Jeremy" <jleonard@k...>
wrote:
> Good Luck,
> We tried several different ways to block AOL IM and Yahoo IM. They
now use
> dynamic ports so its almost impossible to block. We finally had to
threaten
> to fire anyone who installed it on their system. One thing we did
come up
> with was we wrote an IF Exist line in our login script. If it
found the AOL
> or Yahoo files then it exited the Login script without mapping any
drives.
> When the user called us to complain, we told them it was because
those two
> programs had been installed. We could have also created a Winbatch
file
> that would have searched their system for the files so that a path
would not
> have to be specified. Of course this would slow down logins but
wouldnt
> have to be ran all the time.
>
>
> Jeremy Leonard
> IT Manager
> K-T Corporation
>
>
> -----Original Message-----
> From: Dina Hieber [mailto:dhieber@v...]
> Sent: Tuesday, January 28, 2003 3:18 PM
> To: vantage@yahoogroups.com
> Subject: [Vantage] [Off Topic] Blocking Yahoo Messanger
>
>
> Hello,
>
>
>
> I am having a problem with people using Yahoo IM. Does anyone know
what
> port it uses. I want to block
>
> It from at the firewall.
>
>
>
> Best Regards,
>
>
>
>
>
> Dina Hieber
>
> Vamco International, Inc.
>
> (412) 963-7100 Phone
>
> (412) 963-9511 Fax
>
>
>
>
>
> [Non-text portions of this message have been removed]
>
>
> Useful links for the Yahoo!Groups Vantage Board are: ( Note: You
must have
> already linked your email address to a yahoo id to enable access. )
> (1) To access the Files Section of our Yahoo!Group for Report
Builder and
> Crystal Reports and other 'goodies', please goto:
> http://groups.yahoo.com/group/vantage/files/.
> (2) To search through old msg's goto:
> http://groups.yahoo.com/group/vantage/messages
> (3) To view links to Vendors that provide Vantage services goto:
> http://groups.yahoo.com/group/vantage/links
>
> Your use of Yahoo! Groups is subject to
http://docs.yahoo.com/info/terms/