-
July 2nd, 2004, 09:48 PM
#1
Blocking Yahoo! Messenger
Has anyone managed to successfully block Yahoo! Messenger via a hardware firewall? I have MSN and AOL blocked, but I've been reading up on Yahoo and what other sources are saying is that it can't be blocked due to the fact it looks for open ports if it finds that it can't communicate on its usual ports.
That seems odd though, you can usually block just about anything at a firewall as long as you configure it right. Can Yahoo really be that crafty? So, I'm asking the people who know at AO (oh, look at me, I rhymed!). Is there a way to block it with a hardware firewall so that it doesn't find a way to wiggle through?
-
July 2nd, 2004, 10:04 PM
#2
I have found that blocking the domains works for a while. (But then they change them)
However, management saw fit to get rid of the user, so I have not had to block anyone from yahoo for a while.
Ahhh here we go. I blocked these domains and it blocked his access for a while:
msg.sc5.yahoo.com
msg.yahoo.com
N00b> STFU i r teh 1337 (english: You must be mistaken, good sir or madam. I believe myself to be quite a good player. On an unrelated matter, I also apparently enjoy math.)
-
July 2nd, 2004, 10:06 PM
#3
However, management saw fit to get rid of the user, so I have not had to block anyone from yahoo for a while.
Now that's how you block access! We don't have that problem either presently, but I'm trying to act preemptively so it doesn't become one down the road.
-
July 2nd, 2004, 10:07 PM
#4
Re: Blocking Yahoo! Messenger
Originally posted here by AngelicKnight
Has anyone managed to successfully block Yahoo! Messenger via a hardware firewall? I have MSN and AOL blocked, but I've been reading up on Yahoo and what other sources are saying is that it can't be blocked due to the fact it looks for open ports if it finds that it can't communicate on its usual ports.
That seems odd though, you can usually block just about anything at a firewall as long as you configure it right. Can Yahoo really be that crafty? So, I'm asking the people who know at AO (oh, look at me, I rhymed!). Is there a way to block it with a hardware firewall so that it doesn't find a way to wiggle through?
Why not just just uninstall it?
"Personality is only ripe when a man has made the truth his own."
-- Søren Kierkegaard
-
July 2nd, 2004, 10:09 PM
#5
Re: Re: Blocking Yahoo! Messenger
Originally posted here by xierox
Why not just just uninstall it?
Cause user will install it again. Yahoo does not follow good guidelines about the permissions it needs to install. The older versions installed whether you were an admin or a normal user with no install rights.
N00b> STFU i r teh 1337 (english: You must be mistaken, good sir or madam. I believe myself to be quite a good player. On an unrelated matter, I also apparently enjoy math.)
-
July 2nd, 2004, 10:10 PM
#6
Well, that is a single-user solution. What I want is denial of access for the entire 20-something user office network, in the event we bring in a new employee one day who has the urge to get chatty on the company clock (not to mention the security risks if they decide to direct connect or download something from a "buddy").
/edit -- Jarrod beat me to the point!
-
July 2nd, 2004, 10:14 PM
#7
Re: Re: Re: Blocking Yahoo! Messenger
Originally posted here by CXGJarrod
Cause user will install it again. Yahoo does not follow good guidelines about the permissions it needs to install. The older versions installed whether you were an admin or a normal user with no install rights.
Originally posted here by AngelicKnight
Well, that is a single-user solution. What I want is denial of access for the entire 20-something user office network, in the event we bring in a new employee one day who has the urge to get chatty on the company clock (not to mention the security risks if they decide to direct connect or download something from a "buddy".
/edit -- Jarrod beat me to the point!
Oh, ok, gotcha. Well, good luck, sorry I couldn't be of more help.
"Personality is only ripe when a man has made the truth his own."
-- Søren Kierkegaard
-
July 2nd, 2004, 10:17 PM
#8
That's ok, it was a good try. I should've specified my network environment.
-
July 2nd, 2004, 10:21 PM
#9
Its a difficult one Angelic - like CXG says they do keep changing domains etc. Any chance you could setup a sniffer on the network to catch whoever is using it and then have suitable action backed up by company policy that quite clearly outlines what wil happen if caught using IM's during work hours for non work related purposes i.e. the feckers will be strung out to dry?
Quis Custodiet Ipsos Custodes
-
July 2nd, 2004, 10:23 PM
#10
Easy:
Block login.yahoo.com... you're done
If you can't block it by the domain name since the IP will change sometimes place a fixed record in your DNS zone pointing it at 127.0.0.1
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|