Bigbruva
Mon Mar 14 22:42:29 CST 2005
Just for the record I have tested both MSN Messenger 7.0 Beta and the
Windows Messenger 5.1 and this technique will successfully block both from
working.
HTH
BB
"Bigbruva" <Richardh@dontusethis.ws> wrote in message
news:%23nhtBfPKFHA.436@TK2MSFTNGP09.phx.gbl...
> Yes the last time I saw anything on the architecture of the Hotmail
> datacenter it was huge!
> Massive clusters with all types of software and hardware load balancing in
> place.
>
> I should also state that this solution works for:. MSN Messenger 6.1
> . MSN Web Messenger
>
>
> I do not know if it will work with the new MSN messenger beta (I'll see if
> I can test it and post back)
>
> BB
>
> "Matt Gibson" <mattg@blueedgetech.ca> wrote in message
> news:eA1LNhOKFHA.2936@TK2MSFTNGP15.phx.gbl...
>> Now, here's where I'm honestly a bit shaky, but isn't there a number of
>> servers? Not just a single one?
>>
>> (For all I know, they're just DNS round robined off the single name)
>>
>> Matt Gibson - GSEC
>>
>>
>> "Bigbruva" <Richardh@dontusethis.ws> wrote in message
>> news:eqvLrZOKFHA.1948@TK2MSFTNGP14.phx.gbl...
>>> Okay Matt so perhaps I was being a little lazy in posting the link
>>> instead of posting an answer...busted!
>>>
>>> If you wish to block MSN messenger from successfully connecting to the
>>> messenger service do the following on your network firewall:
>>>
>>> 1) Block outbound access to TCP port 1863
>>> 2) Block HTTP access to messenger.hotmail.com
>>>
>>> This will stop the initial access to the service and therefore block the
>>> application and all it's other communications.
>>>
>>> HTH
>>>
>>> BB
>>>
>>>
>>> "Matt Gibson" <mattg@blueedgetech.ca> wrote in message
>>> news:OQrwyEMKFHA.2764@tk2msftngp13.phx.gbl...
>>>> Bigbruva,
>>>>
>>>> While that's a good article, this paragraph explains why blocking IM
>>>> from this at a port level is basically impossible.
>>>>
>>>> Instant Messaging and Presence
>>>> In general, there are no issues with IM and presence affecting
>>>> communication through a firewall or NAT device. If the Windows XP
>>>> client can create and maintain a connection to the server, other IM and
>>>> presence communication can follow this same path. For example,
>>>> Microsoft Exchange IM transports its Presence and IM messages using
>>>> hypertext transfer protocol (HTTP) and has mechanisms to insure that
>>>> these messages can traverse firewall and NAT devices. These mechanisms
>>>> include polling to maintain a TCP connection to the server for two-way
>>>> communication and setting aside a fixed port for callback delivery.
>>>>
>>>> Matt Gibson - GSEC
>>>>
>>>>
>>>> "Bigbruva" <Richardh@dontusethis.ws> wrote in message
>>>> news:%231AeZAMKFHA.3928@TK2MSFTNGP09.phx.gbl...
>>>>> If you are talking about "MSN Messenger" application, look at the
>>>>> following URL. This lists all the posts used by this application for
>>>>> sharing messages, files and applications.
>>>>>
http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/natfw.mspx
>>>>>
>>>>> Even though this page is for the Windows messenger the port numbers
>>>>> are the same for the features in the MSN version.
>>>>>
>>>>> Let us know if this is what you needed.
>>>>>
>>>>> BB
>>>>>
>>>>>
>>>>> "riki" <riki@discussions.microsoft.com> wrote in message
>>>>> news:A1A379C7-06E2-4EC7-9F91-2F15CF55649A@microsoft.com...
>>>>>> How to blok MSN which ports I need to block
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>