Hey guys

I need some help configuring our FW. We have about 1500 nodes behind a Cisco 515r FW. Recently we have seen an increase in network traffic due to P2P progs and also IM (instant messaging) progs. I have tried to block specific traffic from these progs, but they are constantly changing their IPs and port numbers. What I would like to do is to block all unused ports. From the research that I have done, it looks like if I block everything > 1024, I should not interfere with any "normal" network operations (DNS, telnet, SNMP, SMTP, ftp, etc.). What do you guys think????? Also, does anyone know the syntax to do such a thing?