| Author |
Blocking Chat Programs
|
|
| Abnormal 2003-09-27, 7:56 pm |
| I want to block all chat programs from my LAN.
Is there any way to block it ? I want to do this specially Yahoo chat program or msn .
 | |
| ruscorp 2003-09-27, 9:41 pm |
| If it were IRC I'd say block ports 6667-7000. However don't Yahoo and MSN use ActiveX and Java? | |
|
|
| azimuth40 2003-09-27, 10:10 pm |
| quote:
Originally posted by Abnormal
I want to block all chat programs from my LAN.
Is there any way to block it ? I want to do this specially Yahoo chat program or msn .
use client or port filtering on your router to block ports or port blocking on a firewall program like zone alarm. Under the rule that everything old becomes new again here are most of the time wasters.
Chat sources
5010 is yahoo messenger
5190 is AOL Instant Messenger
4000 is ICQ
2327 is Netscape Conference
6502 is Netscape Conference
531 is IRC
6667 is IRC
6699 is napster is you have clones still around
8875 is napster
8879 is napster
7648 is CU-Seeme
7649 is CU-Seeme
13223 is PowWow
13224 is PowWow
23213 is PowWow
23214 is PowWow
Game servers
666 is Doom
6112 is Battlenet
7778 is Unreal
21157 is Activision
26000 is Quake
27001 is Quake World
27010 is Halflife
27015 is Halflife
27960 is Quake III
hacker ports
1243 is subseven
6776 is sub7
2140 is DeepThroat
3150 is DeepThroat
6670 is DeepThroat
31337 is Back Orfice
There are lots more but those normally get the script kiddies. | |
| azimuth40 2003-09-27, 10:17 pm |
| quote:
Originally posted by Supertech
ChatBlocker: Chat Blocking & Internet Supervision Software
http://www.best-spy-software.com/ch...ol-software.htm
That one probably has to be passed by the lawyers to make sure your policy manual is crystal clear. "Recording chats" seems dangerous without a few signatures on file. Chats are also two way and what are the other parties rights. Telephone recording rules might apply or at least be argued before a court. | |
| ruscorp 2003-09-27, 10:20 pm |
| quote:
Originally posted by azimuth40
That one probably has to be passed by the lawyers to make sure your policy manual is crystal clear. "Recording chats" seems dangerous without a few signatures on file. Chats are also two way and what are the other parties rights. Telephone recording rules might apply or at least be argued before a court.
Recording chats in an office enviroment. perfectly legal. An employee who believes the internet is private is a fool. | |
| azimuth40 2003-09-27, 10:29 pm |
| quote:
Originally posted by ruscorp
Recording chats in an office enviroment. perfectly legal. An employee who believes the internet is private is a fool.
My point is I am not an employee but the other party. You are better able to research it at work than I but I am positive this has been to court already with a win for the plaintiff. You have to tell an outsider that chats may be monitored. Still I would not want to be the one to gamble at least in the U.S. legal system. Blocking the ports is much safer, no muss no fuss. | |
| ruscorp 2003-09-27, 10:39 pm |
| quote:
Originally posted by azimuth40
My point is I am not an employee but the other party. You are better able to research it at work than I but I am positive this has been to court already with a win for the plaintiff. You have to tell an outsider that chats may be monitored. Still I would not want to be the one to gamble at least in the U.S. legal system. Blocking the ports is much safer, no muss no fuss.
Yea, I get a kick out of packet sniffing.  | |
| Abnormal 2003-09-28, 4:33 pm |
| I think it is going to be a hard job & suppose i block the port on my LAN means it is going to effect to all users & workstations.
The next case is ... If i want to block these programs on one of our workstation only.
Here is an instance for it.
I'm on ip 10.10.10.1. my router is 212 dot dot dot.My another workstation ( i'e. 192.168.1.2 )is connected by switch /hub.
How could I block these programs on this workstation.. ?
Is there any configuration or setup in our router or what .. ?
 | |
|
| ACL - access control list,
consult your router, firewall documentation on how to configure those . | |
| Abnormal 2003-09-29, 12:04 pm |
| mikop ...
ACL is used for blocking an IP or Ip range as i know not a perticular program.
My question is .. I want to block chat.exe or messanger.exe in one of my machine.
hope you got it correctly & exact.
 | |
|
| quote:
Originally posted by Abnormal
mikop ...
hope you got it correctly & exact.
I got it prefectly right.
you see, you didn't state what you now state... which is application on a host level, instead of blocking traffic of a certain type on the network from this particular host, which is your original statement... sort of... ;/
eitherway,
access control list, a dumb comprehensive way, block all port from that host, allow port 80. if chat tunnel through 80, then worry about it if it does. host level don't give him right to run the file, no right to install, etc etc.
why consult router documentation? because access control list can be more granular than just ip/ip range.
the problem is... you are not sure what YOU want to do... have a goal, seek to tools to accomplish it...
you keep jumping from scenario to another scenario... because it is *too hard*...
like azimuth first said, host level firewall to block port... somehow you dismiss it as inadequate, then the next scenario is ACL on router/firewall... then you don't think it will work, but if your router doesn't allow that kind of granular control, then it is a joke of a router... then you pose another scneario which is both are on a switch, and you want to block it... since it is to layer 2 now, and all that router stuff is just waste of time, then we're back again to host level firewall such as zone alarm if not something more professional...
I don't think you have give any of the solution offered a decent shot b4 you shoot it down.
btw,
I am never wrong!
sniff... *flex*
*laugh* | |
| Abnormal 2003-09-30, 9:52 am |
| I want to block all chat programs from one of my pc connected in LAN.
Is there any way to block it ? I want to do this specially Yahoo chat program or msn .
 | |
| azimuth40 2003-09-30, 12:50 pm |
| quote:
Originally posted by Abnormal
I want to block all chat programs from one of my pc connected in LAN.
Is there any way to block it ? I want to do this specially Yahoo chat program or msn .
Why the mad emoticon, that question has been answered. So my question is "was the answer not clear or do you not know how to accomplish the task"?
Really, I have two different brands of SOHO routers costing under 50 dollars U.S. They support 253 systems and are fully capable of being set to do it in under 5 minutes. The Siemens one lists the chat services by name and allows 4 groups of local IP addresses disabling use of specific multiple ports. The SMC one is not as specialized but still allows the function on a single IP or range of IP's tied to ports.
Zone Alarm software could also do it and is password protected. Install a single copy on the system in question. Something like a Cisco router would just take a little longer.
Personally at this point I also do not know what you are asking for. I have given you the relevent port numbers so there is some type of communication problem here.
If it is work related then document the problem for an upper management person. If that management person is you then reprimand the violator so that if required the next step can be dismissal.
If it is a home problem then get a copy of Zone Alarm and be done with it. Setting the appropriate permissions on 2K or XP will prevent program deletion. You already know how to handle that end of it.
To block web based chats you are going to have to block entire web sites, so keep that in mind. | |
| dcurtisen 2003-10-29, 3:16 pm |
| I don't know if the problem has been resolved...but if this is a windows 2000 enviroment, why not create an OU in AD, place the problem PC in that container, then create a GPO, tied only to that container, that does not allow the chat programs to run (restrict aim.exe, or whatever the prgrogram is). That was how I resolved it at one of my facilities. | |
| WildCard1 2003-11-23, 10:49 am |
| Maybe it needs to be looked at a different angle... Maybe the original poster is the one that has had his internet chat program access revoked, and is trying to reverse engineer/undo it. It's the only good reason I can think of that he would shoot down all the good ideas brought up.
Company I work for has tech support outsourced to India (original poster is there), those people are all BS degreed in something, yet only doing menial tier 1 stuff, and they are so afraid to do anything outside of policy because they are afraid of losing their jobs.
Original poster, assuming you are in the position to legitimately limit someone's chat functionality - why don't you just threaten termination? Or create a new - no abusive chat policy?
Something isn't right about this story.
-WC- | |
| Abnormal 2003-11-23, 11:51 am |
| quote:
Originally posted by WildCard1
Maybe it needs to be looked at a different angle... Maybe the original poster is the one that has had his internet chat program access revoked, and is trying to reverse engineer/undo it. It's the only good reason I can think of that he would shoot down all the good ideas brought up.
Company I work for has tech support outsourced to India (original poster is there), those people are all BS degreed in something, yet only doing menial tier 1 stuff, and they are so afraid to do anything outside of policy because they are afraid of losing their jobs.
Original poster, assuming you are in the position to legitimately limit someone's chat functionality - why don't you just threaten termination? Or create a new - no abusive chat policy?
Something isn't right about this story.
-WC-
I was expecting some other ways of blocking a perticular program on a workstation. It has no relation with that you you have written above.
All those I can guess that either you are habitual of talking over or you got irritated etc by any Indian guy in this tech field.
by the way I got solution to block that program & the easiest solution is Zonal Alarm.
Thanks to all who replied on this post. | |
| WildCard1 2003-11-23, 12:54 pm |
| First of all, why is this in a server+ forum?
Second, I have no problem with Indians in the tech field. It's a fact of life.
Third, you never thanked the people in the thread for suggesting what you needed until this last post.
-WC- |
|
|
|