Internet.com ISP-Planet
 
Best of the ISP-Lists

Need to Block Instant Messaging?

Members of the ISP-Security list find that it's quite difficult to block most instant messaging programs, and suggest personal rather than technical solutions for businesses that lack the bandwidth to keep staff on instant messengers all day.

[October 26, 2000]

On the ISP-Security list in October, EC inquired,

"How do you block instant messaging programs?"

A couple of respondents had specific suggestions for EC's concerns:

[JR offered] "ICQ is pretty easy to block, or at least the older version was. Just block UDP 4000: if it can't connect to the main server, it's unable to send messages beyond that. You could also block incoming ports above 1024, and this stops ICQ as well."

[CS added] "The only way to effectively do this is to block the destination hosts that these services use. This will be a difficult-to-maintain solution because the services can change these at will. Several of these services use clients that tunnel over normally allowed ports plus lots of others. They don't have a single well-known port that they all use."

KW warned that none of these solutions would be simple:

"If you block incoming ports above 1024, you will likely block a whole lot more than just ICQ. There is no effective way of blocking instant messenger services without a stateful packet inspection firewall. Blocking ports will not solve your problem, as there are ICQ servers out there that accept connections on any port."

Others noted that there might be less technical ways to deal with concerns regarding instant messaging:

[CS observed] "This isn't a technology problem, it's an administrative one. If people aren't allowed to use these services, enforcement via logs might be a better option. After a few folks are busted, others will simply stop."

[BL concurred] "You would be better advised to treat this as a staff policy issue rather than attempting to block it, unless they only want HTTP and mail, in which case it would be easier to simply block everything except the ports which those require. Don't forget, also, that many software packages have anti-firewall features which will allow them to be used on ports under 1024."
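
The "enforcement via logs" approach can be sketched as a review of outbound flows against an HTTP-and-mail policy. This is an added example, not code from the list or from ISP-Planet; the log format, the allowed-port set, and all addresses are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

# Assumed policy: staff only need HTTP, mail and DNS (ports chosen for illustration).
ALLOWED = {("tcp", 80), ("tcp", 443), ("tcp", 25), ("tcp", 110), ("udp", 53)}
ICQ_LEGACY = ("udp", 4000)  # the port JR names for the older ICQ client

# Constructed sample log; the format "time src dst proto dport" is an assumption.
SAMPLE_LOG = """\
2000-10-26T09:00:01 10.0.0.11 192.0.2.10 tcp 80
2000-10-26T09:00:05 10.0.0.12 198.51.100.7 udp 4000
2000-10-26T09:00:09 10.0.0.12 198.51.100.7 udp 4000
2000-10-26T09:01:13 10.0.0.13 203.0.113.5 tcp 2048
2000-10-26T09:02:40 10.0.0.11 192.0.2.25 tcp 25
2000-10-26T09:03:02 10.0.0.12 192.0.2.10 tcp 80
malformed line
"""

def review(log_text, allowed=ALLOWED):
    """Return {src: Counter{(proto, dport, dst): hits}} for off-policy flows.

    Port-based review cannot see clients that tunnel over allowed ports,
    which is the limitation CS describes.
    """
    findings = defaultdict(Counter)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or not fields[4].isdigit():
            continue  # skip lines that do not match the assumed format
        _, src, dst, proto, dport = fields
        key = (proto.lower(), int(dport))
        if key not in allowed:
            findings[src][(key[0], key[1], dst)] += 1
    return findings

def report(findings):
    """One line per host and destination, busiest hosts first."""
    rows = []
    for src, flows in sorted(findings.items(), key=lambda kv: -sum(kv[1].values())):
        for (proto, dport, dst), hits in flows.most_common():
            tag = " (legacy ICQ port)" if (proto, dport) == ICQ_LEGACY else ""
            rows.append(f"{src} -> {dst} {proto}/{dport} x{hits}{tag}")
    return rows

if __name__ == "__main__":
    print("\n".join(report(review(SAMPLE_LOG))))
```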

 
