Problem solve Get help with specific problems with your technologies, process and projects.

Step 1: The "easy, but stupid" approach

In the wrong hands IM and P2P file sharing can be too much of a risk for your organization. There are many ways to block this traffic, but some are more elegant -- with less adverse effects -- than others. Contributor Serdar Yegulalp details this process in this step-by-step guide.

The most brainless way to stop IM/P2P clients is to block all Internet access except for ports 80 and 443. Theoretically, this should stop most P2P/chat software from working. But the bad news is that many of these programs are smart enough at this point to use ports 80 and 443 to attempt to open links to the outside world (AOL Instant Messenger is one such program).

Ultimately, it's a pretty ineffective method and may do more harm than good. There are many other legitimate services that run on ports other than 80 or 443 -- FTP, for instance -- and it may not be practical to block such services to end users. A user might need to obtain a document from an FTP repository somewhere, and if it's unavailable because port 21 is blocked (that's the default port for FTP), that'll be a source of frustration.

If you're determined to block everything except the most legitimate ports, you can go to the IANA (Internet Assigned Numbers Authority) for a list of common and IANA-approved port assignments. Still, it might be better to think about a more sophisticated approach that doesn't require blocking specific ports.

Blocking IM and P2P

 Home: Introduction
 Step 1: The "easy, but stupid" approach
 Step 2: The "block the nexus" approach: IM
 Step 3: The "block the nexus" approach: P2P
 Step 4: The "block the application" approach

More information from

  • News: Malcode targets Windows, IM users
  • Tip: Five steps to lockdown peer-to-peer networks

    Serdar Yegulalp is editor of the Windows Power Users Newsletter. Check it out for the latest advice and musings on the world of Windows network administrators -- and please share your thoughts as well!

    Copyright 2005 TechTarget

    Dig Deeper on Windows Server troubleshooting

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.