Forget the stupid attempts to block 5190/tcp, etc. It's best to completely route to null or deny traffic to the subnets involved. (Smarter users will just specify to use 80/tcp, and still get on.)
Read this from a story about this:

As of 1:22 PM 11/21/2001

Login server names - set up a Deny URL access rule for these sites or subnets, since they can have several login servers per subnet, as MSN probably does.

AOL Instant Messenger: oscar.login.aol.com
    AOL's login servers are on these subnets/addresses: 205.188.3.0, 205.188.5.0, 205.188.7.0, 64.12.161.153 and 64.12.161.185

MSN Messenger: gateway.messenger.hotmail.com (was login.gateway.hotmail.com)
    Multiple login servers, including at least one at 64.4.13.181 called http11.msgr.hotmail.com

ICQ: login.icq.com and http.proxy.icq.com (was icq.mirabilis.com and login.icq.com previously)
    ICQ's login servers: 205.188.179.0, 205.188.162.0, 64.12.162.57 and 64.12.163.132

Yahoo Messenger: msg.edit.yahoo.com/*
    (Yahoo Messenger: might also need to block messenger.yahoo.com/* and http.pager.yahoo.com/*. Be sure to type in the http on that last URL.)

AOL:
    aol             5190/tcp   America-Online instant messenger (client side uses 5190 for outbound tcp connectivity to get to their logon server for AIM: login.oscar.aol.com)
    aol             5190/udp   America-Online instant messenger
    aol-1           5191/tcp   AmericaOnline1 tcp/ip connection option for newer versions of AOL
    aol-1           5191/udp   AmericaOnline1 tcp/ip connection option for newer versions of AOL
    aol-2           5192/tcp   AmericaOnline2 tcp/ip connection option for newer versions of AOL
    aol-2           5192/udp   AmericaOnline2 tcp/ip connection option for newer versions of AOL
    aol-3           5193/tcp   AmericaOnline3 tcp/ip connection option for newer versions of AOL
    aol-3           5193/udp   AmericaOnline3 tcp/ip connection option for newer versions of AOL

MSN Messenger: port 1863 tcp

Yahoo messenger: ports 5001, 5002, 5004, 5005, 5010 and 5050

Yahoo PC to Phone: port 6801/UDP incoming and outgoing

Streaming Video:
    h263-video      2979/tcp   H.263 Video Streaming
    h263-video      2979/udp   H.263 Video Streaming

Instant Messaging:
    wimd            2980/tcp   Instant Messaging Service
    wimd            2980/udp   Instant Messaging Service

PC AnyWhere:
    pcanywheredata  5631/tcp   pcANYWHEREdata
    pcanywheredata  5631/udp   pcANYWHEREdata
    pcanywherestat  5632/tcp   pcANYWHEREstat
    pcanywherestat  5632/udp   pcANYWHEREstat

REAL PLAYER, REAL DOWNLOAD AND REAL JUKEBOX:
    RealServer sends all media in HTTP format. This creates more overhead on your network than any of the other options. As an aside, Real Download will pass

    For connecting to G2 RealServers (RealPlayer versions 7 and 8):
        ports 6970 - 7170 in your firewall for UDP
        ports 7070 - 7071 and 554 for TCP

    Connecting to pre-G2 RealServers (RealPlayer versions 3, 4, 5 and 6):
        ports 7070 - 7071 in your firewall for TCP
        ports 6970 - 7170 in your firewall for UDP
        UDP ports 6970 - 7170 (inclusive) for incoming traffic only
        ports 6770 - 7170 in your firewall for UDP

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=46049&t=46013
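
The following is an added example, not part of the original post: a short Python generator that turns the login-server addresses listed above into Cisco IOS null routes and extended-ACL deny lines, which drop traffic on every port and so also cover the 80/tcp fallback the post mentions. Assumptions: entries ending in .0 are treated as /24 subnets (the post gives no masks), ACL number 101 is arbitrary, and the addresses are the post's 2001 list, not current data.

```python
import ipaddress

# Addresses exactly as listed in the post above (2001 data, not current).
LISTED = {
    "AIM": ["205.188.3.0", "205.188.5.0", "205.188.7.0",
            "64.12.161.153", "64.12.161.185"],
    "MSN": ["64.4.13.181"],
    "ICQ": ["205.188.179.0", "205.188.162.0",
            "64.12.162.57", "64.12.163.132"],
}

def to_network(addr):
    """Assumption: an address ending in .0 names a /24 subnet; else a single host."""
    prefix = 24 if addr.endswith(".0") else 32
    return ipaddress.ip_network(f"{addr}/{prefix}")

def null_routes(listed=LISTED):
    """Static routes to Null0: packets to these destinations are dropped on all ports."""
    lines = []
    for service, addrs in listed.items():
        lines.append(f"! {service} login servers")
        for net in map(to_network, addrs):
            lines.append(f"ip route {net.network_address} {net.netmask} Null0")
    return lines

def acl_denies(listed=LISTED, acl=101):
    """Extended ACL entries denying all IP to each destination (acl number assumed)."""
    lines = []
    for service, addrs in listed.items():
        lines.append(f"access-list {acl} remark {service} login servers")
        for net in map(to_network, addrs):
            if net.prefixlen == 32:
                dest = f"host {net.network_address}"
            else:
                # IOS ACLs take a wildcard (inverse) mask, e.g. 0.0.0.255 for a /24.
                dest = f"{net.network_address} {net.hostmask}"
            lines.append(f"access-list {acl} deny ip any {dest}")
    # Without a final permit, the implicit deny would block all other traffic.
    lines.append(f"access-list {acl} permit ip any any")
    return lines

if __name__ == "__main__":
    print("\n".join(null_routes()))
    print("\n".join(acl_denies()))
```
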

