How to Block IM/AIM Services?

Sharky Forums


Results 1 to 9 of 9

Thread: How to Block IM/AIM Services?

  1. #1
    nuclear launch detected kpxgq's Avatar
    Join Date
    Jun 2001
    Location
    texas
    Posts
    16,611

    How to Block IM/AIM Services?

    Im trying to block AIM on my network but i cant find a solution for my setup....

    i asked around and this is what i found

    - AIM client uses port 5190, block that... done
    - however savvy users can set the port to something different
    - AIM Express uses a java plugin
    - so then the best method is to block the DNS server of oscar.login.aol.com

    however my router (Netgear MR814) does not have such options as blocking a specific outside ip, it only lets me block ips from my own network or outside ports....

    any helps?
    bitfenix prodigy, i5 4670k, asrock z87e-itx, pny gtx 760, crucial m500 msata, seasonic x650, dell st2220t

  2. #2
    Goldfish mshe's Avatar
    Join Date
    Mar 2004
    Location
    Toronto, ON, Canada
    Posts
    67

    Re: How to Block IM/AIM Services?

    Originally posted by kpxgq
    however my router (Netgear MR814) does not have such options as blocking a specific outside ip, it only lets me block ips from my own network or outside ports.
    Well that's your problem - time to upgrade to a firewall router (SonicWall, Zyxel, etc) or stick a software firewall in between your network and the router.
    Last edited by mshe; 04-19-2004 at 01:06 PM.

  3. #3
    Hammerhead Shark
    Join Date
    Dec 2000
    Posts
    1,579
    You could look into a Linux-based firewall box. Using IPcop possibly?

  4. #4
    Hammerhead Shark njdevs95's Avatar
    Join Date
    Mar 2002
    Posts
    2,273
    If you are on a active directory domain then you can create group policies that will prevent users from doing certain things such as installing programs. That's just one example there are a variety of settings that can be configured, it may or may not work for your needs but if you're on an AD domain it's worth looking into.
    http://www.danasoft.com/sig/Stillio.jpg
    Sharkyextreme.com 3dmark Team

    My 3DMark Compare Link 14429
    Antec sx1040 case with 400 watt power supply
    Epox 8RDA+ motherboard
    amd xp 2100 (currently @2.21ghz)(170x13)
    gf4 ti4400
    soundblaster audigy gamer
    Samsung 160gb hd @7200 rpm 8mb cache
    NEC 2500a DVD Burner
    lite on dvd rom 16x
    sony floppy drive
    1 gig kingston hyper x ddr pc3200
    19 inch hitachi flatscreen monitor
    logitech cordless keyboard/mouse(optical)
    All running on win2kpro


    Get Paid to read Email

  5. #5
    Crash Test Dummy SkyDog's Avatar
    Join Date
    Oct 2000
    Location
    Upstate New York
    Posts
    12,185
    If you can edit the HOSTS file on your local computers, you can point "oscar.login.aol.com" to a bogus IP address. But a savvy user would find the problem and fix it.

    If you're hosting your own DNS (like in an Active Directory domain), you could do a similar redirect, but the a savvy user could bypass that by pointing to a different DNS server or editing the HOSTS file to override it.

    If you want to block it at the firewall, you'll probably need something more full-featured than a Netgear router. Using a computer running IPCop might be a good choice, and it's free.

  6. #6
    Hammerhead Shark jck8r's Avatar
    Join Date
    Jul 2001
    Location
    East Coast
    Posts
    2,076
    What sort of network is this where you're using only a Netgear router?
    Last edited by jck8r; 04-20-2004 at 05:04 PM.

    Quiet PC.

  7. #7
    gran tiburón blanco ewitte's Avatar
    Join Date
    Jul 2002
    Location
    Houston, TX mostly. Lima, Peru partiallly.
    Posts
    7,394

    Re: How to Block IM/AIM Services?

    Originally posted by kpxgq
    Im trying to block AIM on my network but i cant find a solution for my setup....

    i asked around and this is what i found

    - AIM client uses port 5190, block that... done
    - however savvy users can set the port to something different
    - AIM Express uses a java plugin
    - so then the best method is to block the DNS server of oscar.login.aol.com

    however my router (Netgear MR814) does not have such options as blocking a specific outside ip, it only lets me block ips from my own network or outside ports....

    any helps?
    That depends on the programs. Some dynamically change when you block them. And they will go as far as using port 80 if need be. Others you can just change the hosts or block a specific port.

    Eric
    Last edited by ewitte; 04-23-2004 at 01:21 PM.

  8. #8
    Reef Shark SuperKoji's Avatar
    Join Date
    Oct 2000
    Location
    Northern California
    Posts
    259

    Arrow hmmm

    You should be able to prevent the user from running "aim.exe" based on the hash value in the group policy. That way, even if the installation directory changes, it would still work, and it won't be affected by port or IP. I hope this helps.

  9. #9
    Catfish
    Join Date
    May 2003
    Location
    Ohio
    Posts
    230
    Aw, come on why do you wanna block people from using IM services, they are the best way to get a hold of people. I mean is this a buisness network that they should be using it or a school?
    Just curiouse why you wanna block those programs.
    AMD 64 3500+
    Asus A8N-E
    1gig ram DDR 4000
    Radeon 800xt 256meg PCI Express 16x
    300 gig, 200gig, 200gig, 160gig, 120gig, 80gig hard drive space
    Dvd burner

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •