Re: Blocking Instant Messaging Applications

["Gaddis, Jeremy L." <jeremy () linuxwiz net>]

Alloishus BeauMains wrote:
> At the PIX or firewall, or wherever your ACLs are kept, block incoming
> or outgoing traffic to oscar.aol.com, the messenger login servers,
> trillian, yahoo, etc etc etc.

Unfortunately, this method also has a great deal of administrative 
overhead.  Do a lookup on messenger.hotmail.com.  Do another lookup two 
weeks from now.  A beer says that the IPs will differ.  Trying to keep 
up with this is futile.  If you don't believe me, see MS KB Article 
#889829 (http://support.microsoft.com/default.aspx/kb/889829).  I 
implemented this on February 13th.  It worked for perhaps a month.

Heck, just checked and that article isn't even available anymore.  It's 
referenced at http://www.microsoft.com/security/incident/im.mspx, but 
clicking on the link gets you to an error page.

Thanks,
-j

--
Jeremy L. Gaddis, GCWN
http://www.linuxwiz.net/

"If it's not on fire, it's a software problem."