Blocking MSN Messenger
Page 1 of 3 123 LastLast
Results 1 to 10 of 23

Thread: Blocking MSN Messenger

  1. #1
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126

    Blocking MSN Messenger

    I'm tired. I decided to block MSN Messenger from internal user. I unleashed my power by blocking the complete range of IP from 207.46.1.1 to 207.70.255.255 in my Firewall. It kill MSN and Hotmail website also but it kill MSN Messenger!!

    Anyone got a better way to block MSN Messenger?
    -Simon \"SDK\"

  2. #2
    Senior Member
    Join Date
    Jul 2003
    Posts
    813
    Why not uninstalling MSN? I maybe don't get exactly what you're trying to do, but that sounds like a good idea IMO. Alternatively try blocking baym*.msgr.hotmail.com if you can [I could say the higher-end ports like 32k -> 33k but there are some other apps using those so...]

    If it's on a network that you're trying to do this, then maybe the baym* idea sounds best... remember there's also the online version of MSN Messenger, so you'd have to block that too.
    /\\

  3. #3
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    The only port that Messenger need is 80.

    I block Web Messenger

    I'm try blocking passport.net, msn.com, hotmail.com domain and MSN Messenger was still able to sign. I think they force the IP of their server is the software himself.
    -Simon \"SDK\"

  4. #4
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,252
    Tried like hell to block Instant Messanger. Too many users complained about not having MSN. Finally broke down and bought Websense. No one on the LAN (except me) has IM capability now. Surf Control will also block IM traffic.

  5. #5
    Senior Member
    Join Date
    Mar 2004
    Posts
    510
    If you block port 80 I believe Messenger will search for other ports to use, it appears to be smarter than the other messenging clients. We went through that here. I think it tries 463 or 643..can't remember exactly.
    \"You got a mouth like an outboard motor..all the time putt putt putt\" - Foghorn Leghorn

  6. #6
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    All my port are block in outbound except 80, 21, Http, Pop3, DNS.

    I just add a rules to send me a email when someone surf messenger.msn.com domain so I'm able to punished the user!
    -Simon \"SDK\"

  7. #7
    Hi mom!
    Join Date
    Aug 2001
    Posts
    1,103
    I've been trying for a couple of days. This morning, I got fed up, and I just renamed the service executable ( program files/messenger/msmsgs.exe or something like that ). It works for now
    I wish to express my gratitude to the people of Italy. Thank you for inventing pizza.

  8. #8
    Senior Member
    Join Date
    Jul 2003
    Posts
    813
    msmsgs.exe [or whichever the dreaded name] is the Messenger service, not MSN IM. Renaming that executable should block localhost access to that service [which in a networked environment might be a good or bad thing].

    But MSN IM is a different ball-game, however similar the executable name is. Seems as though Snort has a signature for it:

    http://www.snort.org/snort-db/sid.html?id=1990

    Definitely easier than monitoring the entire domain IMHO.
    /\\

  9. #9
    Banned
    Join Date
    Nov 2003
    Posts
    1,161
    Originally posted here by SDK
    The only port that Messenger need is 80.

    I block Web Messenger

    I'm try blocking passport.net, msn.com, hotmail.com domain and MSN Messenger was still able to sign. I think they force the IP of their server is the software himself.
    IE-->Tools-->Internet Options--> Security-->Restricted sites-->sites-->passport.net, msn.com, hotmail.com --> add Those lock down options are part of IE for a reason.

  10. #10
    Senior Member
    Join Date
    Jan 2003
    Posts
    3,914
    Hey Hey,

    Have you checked out a pay solution... such as TerminatorX.. It looks fairly decent...

    Are you on a domain? Have you considered using group policy/NTFS permissions to restrict the usage of the executable..

    By default Messenger uses port 1863... have you tried blocking just that port... seeing if it will actually force itself to port 80 or not?

    Peace,
    HT
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •