Question

Locked

Blocking Live Messenger

By Toretto84 ·
Hey everyone,

two weeks ago the management decided to block Live Messenger in our company. I've been given the task to get it done. Here's the problem.

I'm using a ISA 2006 firewall; and we decided to start using Opendns as well. I followed Microsoft's advice on blocking Live Messenger; blocking traffic signatures - because apparently, Live Messenger will just use any open ports anyway these days.

Along that, we used Opendns and set it so that messenging domain names are blocked (amongst others). This takes care of blocking domain names that Live Messenger uses to contact it's services.

That's as far as the theory goes. For about two weeks everything went fine. No-one could use Live messenger (or MSN Messenger, before you should ask). But for the last two days, Live Messenger can be used without a problem - which isn't what we wanted.

What am I missing here? I don't see why the rules that we used 2 weeks ago, would suddenly stop working. Are there other methods I could use to make sure that Live Messenger traffic is blocked?

Before you ask, disabling Live / MSN Messenger on the desktops isn't an option. Web Messenger has to be blocked as well (hence Opendns), and some of the machines I "manage" aren't a member of the domain (being used by students which we decided not to give an user account for various reasons).

What to do, what to do?

This conversation is currently closed to new comments.

4 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Start off by checking to see if the Rules that

by OH Smeg In reply to Blocking Live Messenger

Where established are still in place. If they are not who has access tot he server where these rules where set? They are the most likely culprits who have disabled them.

But the reality here is that one or more of the students involved have got together and breached the set rules or worse they have breached your Security and gained access tot he server/s.

Use something like Wireshark to see what is happening here and then block as required.

http://www.wireshark.org/download.html

Col

Collapse -

MSN(Live Messenger) has 3 different ways to connect.

by gengw2000 In reply to Blocking Live Messenger

1. Default TCP port 1863. This port shall be blocked.
2. TCP port 80. You can block it by blocking "User-Agent: *Live Messenger*".
3. Web Messenger. You need to block website "webmessenger.msn.com".

If you want a software solution, you can try "WFilter Enterprise", it can block Live messenger and other IM/P2P traffic easily.

http://www.imfirewall.us

Collapse -

Find the executeable command for

by cpubymike In reply to Blocking Live Messenger

every IM client you can think of.

and ban it in GPO.

Live uses your MS live account so it signs in when you sign into MSN livemail.

Back to Desktop Forum
4 total posts (Page 1 of 1)  

Related Discussions

Related Forums