Re: What's up with Yahoo messenger?

[Sarah Stevens <sarah () STEVENS-TECHNOLOGIES COM>]

This isn't to say that Yahoo Messenger uses all of these ports, I
believe.  This is just to say that Yahoo Messenger CAN use any of
these ports and may try (scan) all of them until an appropriate port
can be found that can be used to run the program.  Right?

Some company networks try to block messenger services from being
used.  Yahoo and AIM can work on a variety of ports thus making it
harder for administrators to completely block the use of these
services.

Sarah E Stevens
Stevens Technologies, Inc.

> Today I noticed an unusual number of "possible spambot" and "telnet
scanning" alerts over the weekend.  In tracking these down, I found
almost all of the destinations were Yahoo!  Mostly 216.155.193.x and
66.163.172.x hosts.
> In checking the packet payloads, it was Yahoo messenger.
>
> On ports 20, 23, and 25?  Gee, this blows my security model astray.
>
> Apparently this has been going on for some time.  I found this
little reference at
http://www.wackyb.co.nz/menu/Yahoo_Messenger_v6_Connection_Issues/ :
> > Basic Connection:
> > Protocol:           TCP or HTTP
> > Servers:            scs.msg.yahoo.com
> >                     scsa.msg.yahoo.com
> >                     scsb.msg.yahoo.com
> >                     scsc.msg.yahoo.com
> > Port:               20, 23, 25, 80, 119, 5050
> >                     (also 8001, 8002)
>
> Does this surprise anyone else as it did me?
>
> Do you make provisions to allow for Yahoo IM even though you might
block some of those ports?
> Jeff

--