Blocking MSN Messenger



  • Is there any effective way to block MSN Messenger?

    It's been 3 days since I've been trying to block the bastard.

    It seems that it is impossible to do it without a full version of squid, which is not available yet.

    Thanks,

    Nicolas.



  • Obtain the IP addresses of the MSN login servers (you can find them with a little bit of Google action) and create an alias for them. Then, block access to those IP addresses on your LAN interface.



  • Well,

    It seems that using squid may be some kind of solution:

    Blocking access to these domains prevents users from logging in (tested with Messenger 7.5, Live 8.1 and 8.5):

    In Services -> Proxy Server, Access Control tab, add these to the blacklist:

    #MSN
    gateway.messenger.hotmail.com
    relay.data.edge.messenger.live.com
    gw.msnmessenger.akadns.net
    dp.msnmessenger.akadns.net

    In addition to that you must block access to port 1863 from the LAN.

    This is a rather inelegant solution, because login gateways may vary with the Messenger version, and it is useless if clients use any anonymizer-like tool that cheats the proxy, but at least it is something.

    Web messenger clients should also be blocked:

    #webmessengers
    webmessenger.msn.com
    msn2go.com
    ebuddy.com
    koolim.com
    messengerfx.com
    iloveim.com
    mabber.com
    communicationtube.net
    radiusim.com
    snimmer.com

    Additions to that list are welcome.



  • You asked specifically about blocking MSN messenger, I gave you the solution.  Expanding beyond it to try and filter all IM clients is a much bigger discussion.



  • If I misled you to think that I am trying to block all IM clients, I am sorry, it was not my intention. I am just trying to block MSN Messenger, since it is the most popular.

    I tried your solution at first, but it did not work for me (too lazy to check all IPs).

    Thanks for the advice anyway, I would have gone in that direction if my solution had failed.



  • Have you considered using snort?



  • YES!

    Snort is an awesome feature, but it is a bit difficult to configure too, for newbies like me.
    I managed to block MSN with it, but along with that the LAN IP was banned completely, and that was not what I wanted.

    Maybe it can be configured to only ban "offender" IPs from the WAN side, can it?

    Regards,

    Nicolas.



  • This is what I did (using MSN as an example, the same applies to other IMs):

    Google for MSN's MIME type, it is x-msn-messenger, so I created an ACL for request and reply MIME types:

    acl msn_req req_mime_type application/x-msn-messenger
    acl msn_rep rep_mime_type application/x-msn-messenger

    Now, just block them:

    http_access deny msn_req
    http_reply_access deny msn_rep

    I added the four lines above in the Custom Options textbox (in Services -> Proxy Server -> General Settings).
    Don't forget to block port 1863 in Firewall -> Rules.
    Now the motherfuckers at Redmond can change their login server's IP wherever they want, it still works  ;D
    Kind regards,
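
An added example, not part of the original thread: a Python script that checks a Squid access.log for the MSN indicators named in the posts above (the blacklisted login hosts, the application/x-msn-messenger MIME type, port 1863) and reports per client whether Squid denied the request or let it through. It assumes Squid's native access.log layout; the log lines are constructed and the function names are hypothetical.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Values taken from the thread: blacklisted login hosts, MIME type, MSN port.
MSN_HOSTS = {
    "gateway.messenger.hotmail.com",
    "relay.data.edge.messenger.live.com",
    "gw.msnmessenger.akadns.net",
    "dp.msnmessenger.akadns.net",
}
MSN_MIME = "application/x-msn-messenger"
MSN_PORT = 1863

# Constructed sample in Squid's native access.log layout:
# time elapsed client result/status bytes method URL ident hierarchy/peer mime
SAMPLE_LOG = """\
1200000000.101 12 192.168.1.25 TCP_DENIED/403 1353 POST http://gateway.messenger.hotmail.com/ - NONE/- text/html
1200000001.202 230 192.168.1.31 TCP_MISS/200 412 POST http://203.0.113.7/ - DIRECT/203.0.113.7 application/x-msn-messenger
1200000002.303 5 192.168.1.25 TCP_DENIED/403 1290 CONNECT 203.0.113.9:1863 - NONE/- text/html
1200000003.404 88 192.168.1.40 TCP_MISS/200 5120 GET http://www.example.org/ - DIRECT/198.51.100.4 text/html
"""

def msn_reason(method, url, mime):
    """Return why a request looks like MSN traffic, or None if it does not."""
    # CONNECT lines log "host:port" instead of a full URL.
    parts = urlsplit("//" + url if method == "CONNECT" else url)
    host = (parts.hostname or "").lower()
    if any(host == h or host.endswith("." + h) for h in MSN_HOSTS):
        return "login-host"
    if mime.lower() == MSN_MIME:
        return "mime-type"
    if parts.port == MSN_PORT:
        return "port-1863"
    return None

def summarize(log_text):
    """Per client: count MSN-like requests Squid denied vs. let through."""
    stats = defaultdict(lambda: {"denied": 0, "allowed": 0, "reasons": set()})
    for line in log_text.splitlines():
        f = line.split()
        if len(f) < 10:
            continue  # skip truncated or non-native-format lines
        client, result, method, url, mime = f[2], f[3], f[5], f[6], f[9]
        reason = msn_reason(method, url, mime)
        if reason:
            key = "denied" if result.startswith("TCP_DENIED") else "allowed"
            stats[client][key] += 1
            stats[client]["reasons"].add(reason)
    return dict(stats)
```

A client with a non-zero "allowed" count is one whose MSN traffic the current ACLs did not stop.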



  • @b4nsh33:

    This is what I did (using MSN as an example, the same applies to other IMs):

    Google for MSN's MIME type, it is x-msn-messenger, so I created an ACL for request and reply MIME types:

    acl msn_req req_mime_type application/x-msn-messenger
    acl msn_rep rep_mime_type application/x-msn-messenger

    Now, just block them:

    http_access deny msn_req
    http_reply_access deny msn_rep

    I added the four lines above in the Custom Options textbox (in Services -> Proxy Server -> General Settings).
    Don't forget to block port 1863 in Firewall -> Rules.
    Now the motherfuckers at Redmond can change their login server's IP wherever they want, it still works  ;D
    Kind regards,

    Sorry to bring up this old post, but I was hoping someone could help me with a similar idea…

    I am using IMSpector to monitor office chat programs, but it doesn't seem to be working with MSN when the program goes through port 80.
    Is there any way to "detect" the application/x-msn-messenger request, and "force" it to the alternate msn port, 1863, to be detected by IMSpector?

    I would be open to any alternative too.



  • Run squid in transparent mode and use the configuration described above to block it on port 80. I guess it will then fall back to the other port, where IMSpector can capture the traffic.



  • Unfortunately, I have issues running squid in transparent mode (have a post in the packages forum about it) so for now that is not working for me :(

