Security Incidents mailing list archives

yahoo instant messenger profile


From: "RODDY, Dan" <Dan.Roddy () state or us>
Date: Wed, 10 Dec 2003 08:38:16 -0800

I found this gagle running a telnet session outbound.  After finding a way
to block it I took a look at what the client is trying to do to connect back
to Yahoo.  Maybe others will find this interesting should their policy
warrant blocking it.

Dec 10 00:01:32.510 firewall: smtp[1285032198]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:02:02.525 firewall: nntp[1287716892]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:02:32.540 firewall: 20/tcp[69152629]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:02:33.087 firewall: 20/tcp[69152630]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:02:33.571 firewall: 20/tcp[69152631]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:02:33.665 firewall: 37/tcp[69152632]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:02:34.165 firewall: 37/tcp[69152633]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:02:34.681 firewall: 37/tcp[69152634]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:02:34.790 firewall: 5050/tcp[69152635]: access denied for aaa.bbb.ccc.ddd to 216.136.225.27
Dec 10 00:02:35.274 firewall: 5050/tcp[69152636]: access denied for aaa.bbb.ccc.ddd to 216.136.225.27
Dec 10 00:02:35.774 firewall: 5050/tcp[69152637]: access denied for aaa.bbb.ccc.ddd to 216.136.225.27
Dec 10 00:03:50.929 firewall: telnet[1296957518]: access denied for aaa.bbb.ccc.ddd to 66.163.169.212
Dec 10 00:04:20.944 firewall: telnet[1296957519]: access denied for aaa.bbb.ccc.ddd to 66.163.169.213
Dec 10 00:04:50.959 firewall: 5050/tcp[69152638]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:04:51.521 firewall: 5050/tcp[69152639]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:04:52.021 firewall: 5050/tcp[69152640]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:04:52.115 firewall: telnet[1296957520]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:06:22.144 firewall: smtp[1285032258]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:06:52.159 firewall: nntp[1287716893]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:07:22.174 firewall: 20/tcp[69152641]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:07:22.705 firewall: 20/tcp[69152642]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:07:23.221 firewall: 20/tcp[69152643]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:07:23.299 firewall: 37/tcp[69152644]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:07:23.815 firewall: 37/tcp[69152645]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:07:24.330 firewall: 37/tcp[69152646]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:07:24.408 firewall: 5050/tcp[69152647]: access denied for aaa.bbb.ccc.ddd to 216.136.225.27
Dec 10 00:07:24.924 firewall: 5050/tcp[69152648]: access denied for aaa.bbb.ccc.ddd to 216.136.225.27
Dec 10 00:07:25.424 firewall: 5050/tcp[69152649]: access denied for aaa.bbb.ccc.ddd to 216.136.225.27
Dec 10 00:07:53.158 firewall: telnet[1296957521]: access denied for aaa.bbb.ccc.ddd to 216.136.173.141
Dec 10 00:08:23.157 firewall: telnet[1296957522]: access denied for aaa.bbb.ccc.ddd to 66.163.169.213
Dec 10 00:08:53.188 firewall: 5050/tcp[69152650]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:08:53.703 firewall: 5050/tcp[69152651]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:08:54.219 firewall: 5050/tcp[69152652]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:08:54.297 firewall: telnet[1296957523]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21
Dec 10 00:10:24.326 firewall: smtp[1285032343]: access denied for aaa.bbb.ccc.ddd to 216.136.227.21

Dan Roddy
Security Administrator
Oregon State Treasury
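
Added example, not part of the original message: one way to pick this behaviour out of a firewall log is to flag any internal source that is denied on several different services within a short window. The sample log, the thresholds and the function names below are assumptions chosen for illustration; only the line layout follows the log quoted above.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Layout of the deny lines quoted in the post:
#   <Mon DD HH:MM:SS.mmm> firewall: <service>[<id>]: access denied for <src> to <dst>
DENY = re.compile(r"(\w{3} \d+ \d\d:\d\d:\d\d\.\d+) firewall: ([\w/]+)\[\d+\]: "
                  r"access denied for (\S+) to (\S+)")

# Constructed sample (documentation addresses, made-up session ids). The first
# entries are wrapped over two lines, as happens when such logs pass through mail.
SAMPLE = """\
Dec 10 00:01:32.510 firewall: smtp[1001]: access denied for
192.0.2.10 to 198.51.100.21
Dec 10 00:02:02.525 firewall: nntp[1002]: access denied for
192.0.2.10 to 198.51.100.21
Dec 10 00:02:32.540 firewall: 20/tcp[1003]: access denied for 192.0.2.10 to 198.51.100.21
Dec 10 00:02:34.790 firewall: 5050/tcp[1004]: access denied for 192.0.2.10 to 198.51.100.27
Dec 10 00:03:50.929 firewall: telnet[1005]: access denied for 192.0.2.10 to 198.51.100.212
Dec 10 00:05:00.000 firewall: smtp[1006]: access denied for 192.0.2.77 to 198.51.100.99
Dec 10 00:35:00.000 firewall: smtp[1007]: access denied for 192.0.2.77 to 198.51.100.99
"""

def parse_denies(text, year=2003):
    """Return sorted (time, service, src, dst) tuples; the log carries no year."""
    flat = " ".join(text.split())  # rejoin entries that were wrapped in transit
    return sorted(
        (datetime.strptime(f"{year} {ts}", "%Y %b %d %H:%M:%S.%f"), svc, src, dst)
        for ts, svc, src, dst in DENY.findall(flat))

def port_hoppers(events, min_services=3, window=timedelta(minutes=5)):
    """Map src -> distinct services (in order tried) for sources denied on at
    least min_services different services inside one sliding window."""
    by_src = defaultdict(list)
    for when, svc, src, _dst in events:
        by_src[src].append((when, svc))
    flagged = {}
    for src, hits in by_src.items():
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1  # drop hits that fell out of the window
            seen = list(dict.fromkeys(svc for _, svc in hits[start:end + 1]))
            if len(seen) >= min_services and len(seen) > len(flagged.get(src, [])):
                flagged[src] = seen
    return flagged

if __name__ == "__main__":
    for src, services in port_hoppers(parse_denies(SAMPLE)).items():
        print(src, "->", ", ".join(services))
```

A host that is repeatedly denied on a single service, like the second source in the sample, is not flagged; only the fallback across services is.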


