We might as well block all class A, B, and C addresses and kill all the birds all together.
What is the purpose of giving users access to the Internet when you will be blocking even the hotmail for them? If you want them to access the company website only, then permit that one IP address and deny everything else ( and don't call it Internet access ). Bernard > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > Chuck Church > Sent: Sunday, January 06, 2002 7:08 AM > To: [EMAIL PROTECTED] > Subject: How to block MSN, and others. [7:31057] > > All, > > I've had good luck blocking access by denying all traffic to the IP > ranges of the login servers for those services. Currently I block all > traffic to: > > AOL IM > 152.163.0.0 /16 255.255.0.0 > 205.188.0.0 /16 > 64.12.0.0 /16 > > MSN Messenger > 64.4.0.0 /18 255.255.192.0 > > Yahoo Messenger > 216.136.224.0 /22 255.255.252.0 > > > This works currently. You might want to keep all 3 installed you your > work > PC, and check them once a week. If one starts working, they must have > added > another network. Open a DOS window, and do a 'netstat'. Look for the > connection to login server, most likely will mention the company in the > DNS > name. Mine looked like this: > TCP superdave:1530 msgr-ns56.msgr.hotmail.com:1863 ESTABLISHED > > If you then do a netstat -n, you'll get the address rather than the > DNS name. Then look up that address in www.arin.net in the WHOIS utility. > That will give you the block of addresses. Add that block of addresses, > and > you'll be blocking them all once again. > > Chuck > > P.S. Blocking MSN will also block Hotmail access, you you kill 2 birds > with > 1 stone! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=31060&t=31057 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
