Home
Topics
Microsoft Windows Server Management
Windows Server and Network Security
Step 2: The "block the nexus" approach: IM

Step-by-Step Guide

Step 2: The "block the nexus" approach: IM

This is a targeted approach, and it takes a little more work, but you can combine it with other methods to make it extremely effective. Combine this with preventing software installations (see step four), and you can keep the vast majority of messenger clients off your network.

Messenger clients usually have to log on to a central server to work properly. Ergo, the best way to block messenger clients is not to block the ports they use, but the central servers they use. For instance, AOL Instant Messenger's logon server is login.oscar.aol.com, which resolves to four IP addresses: 205.188.7.172, 205.188.7.176, 205.188.7.164, and 205.188.7.168. Block both the domain name and the IP addresses, and AIM should no longer work. (Blocking all of aol.com is probably impractical, but blocking just AIM's logon server should not pose any other problems.) For Yahoo! Messenger, the most commonly used logon addresses are msg.edit.yahoo.com, edit.messenger.yahoo.com, csa.yahoo.com, csb.yahoo.com, and csc.yahoo.com. (The IPs for these may vary, so be sure to check them.)

If you come across other clients you want to block, it should be easy enough to run them on a computer in a DMZ, analyze the connections they attempt to make with the command-line

Requires Free Membership to View

Login

By submitting you agree to receive email communications from
TechTarget and its partners. Privacy Policy Terms of Use.

netstat tool, and then block all the sites they try to use. Note that static IPs for servers might change over time, so you may want to periodically re-check the IP addresses for any given logon server and make sure it's still being blocked.

Blocking IM and P2P

Home: Introduction
Step 1: The "easy, but stupid" approach
Step 2: The "block the nexus" approach: IM
Step 3: The "block the nexus" approach: P2P
Step 4: The "block the application" approach

More information from SearchWindowsSecurity.com

News: Malcode targets Windows, IM users

Tip: Five steps to lockdown peer-to-peer networks

ABOUT THE AUTHOR:

Serdar Yegulalp is editor of the Windows Power Users Newsletter. Check it out for the latest advice and musings on the world of Windows network administrators -- and please share your thoughts as well!

Copyright 2005 TechTarget

More News and Tutorials

Articles

Related glossary terms

Terms for Whatis.com - the technology online dictionary

This was first published in January 2006

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

More from Related TechTarget Sites

Server Virtualization
Cloud computing
Exchange
SQL Server
Windows IT
Enterprise Desktop
Virtual Desktop

Server Virtualization
- RISC technology, ARM processors trending in server virtualization
  
  New 64-bit ARM processors are better equipped to support virtualization than before, but not all workloads are good candidates for the technology.
- Virtualization vs. cloud: Let's get this straight
  
  Reports of clouds abound, but true clouds are hard to come by. Turns out, many don't know what separates virtualization vs. cloud. We're here to help.
- Moving VMs around? Avoid downtime with Hyper-V Live Storage Migration
  
  Live Storage Migration eliminates the downtime associated with moving VM files from one storage location to another and helps improve performance.
Cloud computing
- PaaS market heats up with Red Hat OpenShift, Savvis AppFog buy
  
  PaaS made headlines last week, but it's still difficult to gauge the true level of interest in Platform as a Service in the enterprise world.
- IBM, Salesforce deals usher in cloud consolidation era
  
  IBM's SoftLayer buy is getting mixed reviews from IT pros, but everyone agrees that it's an example of the consolidation phase of the cloud bubble.
- U.S. defense agencies' cloud transition yields better intelligence
  
  A cloud migration seems daunting but the effort is worthwhile; U.S. defense agencies say their cloud move led to better military intelligence.
Exchange
- How to synchronize SharePoint 2013 lists with Outlook 2013
  
  Give users access to various SharePoint 2013 lists through Outlook 2013 with just a few simple configuration steps.
- Spotlight on top new Exchange 2013 features
  
  There are several new Exchange 2013 features that should interest those debating an upgrade. We examine several standouts and how to work with them.
- How to modify OWA 2013 to support Microsoft Lync
  
  Properly modifying OWA 2013 is necessary to allow users Lync functionality such as instant messaging and presence. We offer the necessary steps here.
SQL Server
- SQL Server 2014 'keeps up with the Joneses,' says analyst
  
  Ovum analyst Tony Baer says that most database platforms are moving toward in-memory features, and SQL Server 2014 is no different.
- SQL Server high availability: Natural enemy of virtualization?
  
  Do SQL Server high availability and virtualization go together or not? Find out if virtualization is a good option for you in this tip by Bob Sheldon.
- SQL Server 2014 due out in late 2013, in-memory OLTP a big feature
  
  Microsoft announced that the next version of its database, SQL Server 2014, will have in-memory features and be generally available in late 2013.
Windows IT
- Eight questions to ask yourself before moving to C-suite management
  
  There are many opportunities that come with working in C-suite management, but you should answer these eight questions before a move to mahogany row.
- SharePoint 2013 features: what's new, what's changed and what's gone
  
  Some existing SharePoint features were replaced or dropped in SharePoint 2013. Here's how to work through the changes.
- Prevent hacking in your enterprise with these nine easy steps
  
  There are no foolproof ways to completely stop hacking in an enterprise, but follow these proven and common sense methods to reduce your risk.
Enterprise Desktop
- Q&A: Microsoft's Erwin Visser discloses Windows 8 mobile strategy
  
  Microsoft GM Erwin Visser discusses the company's mobile strategy for Windows 8 and the need to deliver one device supporting all types of computing.
- Q&A: Microsoft's Erwin Visser on Windows 8.1 updates, security
  
  Microsoft's Erwin Visser discusses Windows 8.1 features, how IT can keep pace with faster update cycles and Windows security enhancements.
- Telerik updates Windows 8 app development tools
  
  Telerik's updated DevCraft tool for developing Windows 8 apps helps IT to deliver business apps to end users on PCs and tablets.
Virtual Desktop
- How inline deduplication is changing the VDI storage landscape
  
  VDI storage has long been a challenge for virtual desktop admins, but inline deduplication is changing all that.
- Taking advantage of VM snapshots in a virtual desktop environment
  
  With VM snapshots, you can make one desktop VM into many. Just watch out for performance when snapshotting in a virtual desktop environment.
- Planning and managing virtual desktop pools
  
  Virtual desktop pools make management easier, but you have to plan for them and remember that the way you create pools depends on your VDI platform.

All Rights Reserved,Copyright - 2013, TechTarget