• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Tips for msn,yahoo,kazaa

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 Misc.] >> Tips & Tricks >> Tips for msn,yahoo,kazaa Page: [1] 2 3   next >   >>
Login
Message << Older Topic   Newer Topic >>
Tips for msn,yahoo,kazaa - 7.Dec.2002 5:43:00 PM   
zzz343

 

Posts: 764
Joined: 19.Feb.2002
From: World's 7th Nuclear Power
Status: offline
Dear All,

There are always new posts regarding problem connecting in Yahoo IM , MSN Messenger, Kazza, iMesh client and other softwares. Here are some tips, always follow them before posting new posts at forum. May be these hints will help you.

HTTP Redirector setting solves many problem initally. Set HTTP Filter to "Send to requested web server." because some softwares,apps requires direct connection with the net and no proxy
between. they need to bypass the web proxy.

Voice and video works only if you connect with no proxy settings, bcoz if you specify any proxy
or socks setting, you will be able to text chat only. Voice n Vdo require direct connection with the opponent user.

Remove authentication for test purpose. Many apps donot have the ability to handshake with the
NTLM authentication.

MSN Messenger / Chat / Voice n Video :
======================================

Msn messenger port = 1863
Servers = messenger.msn.com / gateway.messenger.com
It uses port 1863 by default. If you have trouble connecting messenger with default "no proxy"
setting,You can also configure it to use port 80 or socks 4.

MSN Vocie and video donot work with ISA, because it donot support uPNP protocol. Some time it
works or some time it don't. If other person connected directly to iNternet sends you request for voice conversation then it may work, but it's not always work.

Yahoo Messenger / Chat / Voice n Video :
========================================

Yahoo Messenger Port = 5050

Yahoo uses 5050 to Messenger servers,If you wish to know what ports Messenger uses, this is the
order in which Messenger scans:

5050
80
All available

In order to use all the Yahoo! Messenger Webcam features, your firewall must permit incoming and
outgoing TCP connections on port 5100
If yahoo IM donot connect, point it to use http proxy or socks 4.

Kazaa, iMesh Client :
=====================

Kazaa Port : 1214 / TCP / Outbond
iMesh : 6699 / TCP / Oubond
New version of KAZAA uses smart technology and port 80 if default ports are blocked or not
available. so no extra config is required. only FWC is required OFFCOURSE. :>

[ March 25, 2003, 01:45 PM: Message edited by: Pinochio ]
Post #: 1
RE: Tips for msn,yahoo,kazaa - 10.Dec.2002 8:22:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Syed,

Nice tips!

Thanks!

Tom

(in reply to zzz343)
Post #: 2
RE: Tips for msn,yahoo,kazaa - 31.Jan.2003 3:47:00 AM   
pemi

 

Posts: 1
Joined: 30.Jan.2003
From: Herts
Status: offline
Excellent tips sorted out a n ongoing problem with clickatell messenger

Thanks a lot

Oskins

(in reply to zzz343)
Post #: 3
RE: Tips for msn,yahoo,kazaa - 4.Feb.2003 8:52:00 AM   
zzz343

 

Posts: 764
Joined: 19.Feb.2002
From: World's 7th Nuclear Power
Status: offline
Hello Oskins,

Thanks!

(in reply to zzz343)
Post #: 4
RE: Tips for msn,yahoo,kazaa - 7.Feb.2003 9:14:00 PM   
Benjamin

 

Posts: 55
Joined: 17.Sep.2001
From: Monterrey, NL, Mexico
Status: offline
Hi Pinochio ..

I try to block Yahoo Messenger but I can¦t

I have the rule by user to block port 5100, 5101 and 5050 but I still go out.

Do you have any idea.

Thanks

(in reply to zzz343)
Post #: 5
RE: Tips for msn,yahoo,kazaa - 8.Feb.2003 9:02:00 AM   
zzz343

 

Posts: 764
Joined: 19.Feb.2002
From: World's 7th Nuclear Power
Status: offline
Hi Benjamin,

These are the servers listing, which yahoo messenger uses for different services, you can block these ports OR you can make an deny rule in S&C to block these destination. [Big Grin]

Yahoo iNstatnt Messenger:
=========================

Protocol: TCP or HTTP
Servers:
scs.msg.yahoo.com
scsa.msg.yahoo.com
scsb.msg.yahoo.com
scsc.msg.yahoo.com
Port: 20,23,25,80,119,5050,8001,8002

Webcam Connection:
==================
Protocol: TCP
Server: webcam.yahoo.com
Port: 5100
File Transfer Connection:
Protocol: HTTP
Server: filetransfer.msg.yahoo.com
Port: 80

File Sharing Connection:
========================
Protocol: HTTP
Port: 80

Voice Chat Connection:
======================

Protocol: UDP or TCP
Servers:
vc.yahoo.com
v1.vc.scd.yahoo.com
v2.vc.scd.yahoo.com
v3.vc.scd.yahoo.com
v4.vc.scd.yahoo.com
v5.vc.scd.yahoo.com
v6.vc.scd.yahoo.com
v7.vc.scd.yahoo.com
v8.vc.scd.yahoo.com
v9.vc.scd.yahoo.com
v10.vc.scd.yahoo.com
v11.vc.scd.yahoo.com
v13.vc.sc5.yahoo.com
vc1.vip.scd.yahoo.com
Ports: 5000-5010

[ March 12, 2003, 09:14 AM: Message edited by: Pinochio ]

(in reply to zzz343)
Post #: 6
RE: Tips for msn,yahoo,kazaa - 19.Feb.2003 1:59:00 PM   
rkincer

 

Posts: 39
Joined: 25.Jun.2002
From: Cincinnati
Status: offline
This is great information, thanks for the work. While reading your wealth of information I did have a thought that I thought I'd get an opinion on.
Let's say you want to block an instant messenger from being used, the workstations are set up as Proxy Clients with the Firewall client installed and the HTTP Redirector disabled, couldn't you place the name of application to be blocked in the Firewall Client Properties, set to Disabled with a value of "1"? Wouldn't that prevent that client from getting out? CouldnĘt this be used to block about any Winsock application?

Thanks,

Rick

(in reply to zzz343)
Post #: 7
RE: Tips for msn,yahoo,kazaa - 20.Feb.2003 8:36:00 AM   
zzz343

 

Posts: 764
Joined: 19.Feb.2002
From: World's 7th Nuclear Power
Status: offline
Hello Rick,

According to Tom's article regarding 'Howto block dangerous applications" using FWC apps name, it never worked for me. If this works, it will be very good. Like I want to block kazaa which is an ongoing problem for all network admins, as it sucks the whole bandwith pipe, i create app name kazaa.exe and set it value to disable=1, at client i updated mspclnt, but it didn't work out. Check for yourself, and see if it works, [Confused]

(in reply to zzz343)
Post #: 8
RE: Tips for msn,yahoo,kazaa - 21.Feb.2003 8:42:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Syed,

I guarantee that it works. But the clients must be configured as Firewall clients ONLY. If they are configured as SecureNAT clients, by can access the mspclnt.ini settings.

HTH,
Tom

(in reply to zzz343)
Post #: 9
RE: Tips for msn,yahoo,kazaa - 19.Mar.2003 2:56:00 PM   
tianto

 

Posts: 4
Joined: 19.Mar.2003
Status: offline
Hi...! is there a way to block only some users to use MS Messenger?
all the info I found is only for blocking all users...!

Thanks in advance..!

Sebastian

(in reply to zzz343)
Post #: 10
RE: Tips for msn,yahoo,kazaa - 19.Mar.2003 4:42:00 PM   
zzz343

 

Posts: 764
Joined: 19.Feb.2002
From: World's 7th Nuclear Power
Status: offline
Hello Sebastian,

Yes, there is a way to block specific users only instead of all. Here are the steps ...

First create an deny rule in Protocol Rules which denies msn predefine protocol (tcp/1863), to specific client address/users group.

Now create an destination set name 'messenger gateway' with this site address
gateway.messenger.com / messenger.msn.com

Now create an deny rule in Site & Content Rule to Deny this destination set name 'messenger gateway'
to specific client address set/users groups only.

You can also schedule to block some users at specific timings only. [Big Grin]

Happy Blocking !

(in reply to zzz343)
Post #: 11
RE: Tips for msn,yahoo,kazaa - 19.Mar.2003 7:16:00 PM   
tianto

 

Posts: 4
Joined: 19.Mar.2003
Status: offline
Thanks Pinochio..! I¦ll try it..!

Bye

Sebastian

[Wink]

(in reply to zzz343)
Post #: 12
RE: Tips for msn,yahoo,kazaa - 3.Sep.2003 1:32:00 PM   
hardnrash

 

Posts: 32
Joined: 6.Jul.2003
From: Multan
Status: offline
Thanx~ realy nice tips

(in reply to zzz343)
Post #: 13
RE: Tips for msn,yahoo,kazaa - 24.Oct.2003 10:46:00 PM   
Guest
Hi Syed,
I see you mentioned adding "kazaa.exe" to the FWC list. Add "kazaa" without the ".exe" and the blocking should work fine. I've been blocking it successfully using this method. Ofcourse some people act "smart" and change the name of the executable... well for that (since I believe you run a cablenet service) I would suggest that you block all net access for those customers that don't behave. I've found it to be the most effective method to stop bandwidth abuse.

My own method has been to allow only those ports which are deemed necessary on the network. I currently have all major apps running perfectly with voice and webcam capabilities, while blocking all P2P apps.

Regards,
Imran

Karachi, Pakistan

(in reply to zzz343)
  Post #: 14
RE: Tips for msn,yahoo,kazaa - 5.Nov.2003 4:17:00 AM   
iahsan

 

Posts: 29
Joined: 24.Oct.2003
From: Karachi
Status: offline
In addition to the above... add "kazaalite" to FWC and disable it as well.

Imran

(in reply to zzz343)
Post #: 15
RE: Tips for msn,yahoo,kazaa - 14.Nov.2003 7:43:00 PM   
cpics

 

Posts: 44
Joined: 12.Nov.2003
From: pakistan
Status: offline
i want o know how did we set this settings in ISA server and wat abt msn6 this thing realy makes my user fadup and me terribly worried msn6 is not working well althoug i hv an individual firewall server give me the tip for msn6
thanks

(in reply to zzz343)
Post #: 16
RE: Tips for msn,yahoo,kazaa - 15.Nov.2003 10:33:00 AM   
alien

 

Posts: 1
Joined: 11.Nov.2003
From: egypt
Status: offline
can u help me i want to work overnet ana edonkey
through isa i tried to open the TCP and UDP ports but still i cant have direct access [Mad]

(in reply to zzz343)
Post #: 17
RE: Tips for msn,yahoo,kazaa - 16.Nov.2003 11:45:00 AM   
cpics

 

Posts: 44
Joined: 12.Nov.2003
From: pakistan
Status: offline
hi
i want to know the direction of ports is it inbound or outbound and one more thing how to set these servers on isa from where should i set all these servers for webcam voice and others

(in reply to zzz343)
Post #: 18
RE: Tips for msn,yahoo,kazaa - 18.Nov.2003 1:51:00 PM   
cpics

 

Posts: 44
Joined: 12.Nov.2003
From: pakistan
Status: offline
hi pinoceo
i want the direction of these ports of yahoo messenger

(in reply to zzz343)
Post #: 19
RE: Tips for msn,yahoo,kazaa - 28.Nov.2003 9:48:00 AM   
drmartinfuchs

 

Posts: 2
Joined: 28.Nov.2003
From: U.A.E.
Status: offline
Audio Conversation for MSN MESSENGER via ISA:
Additionally to your comment to open TCP port 1863, there is more information in Microsoft Knowledge Base Article - 284554 (How to: Add Support for MSN Messenger Net2Phone in Internet Security and Acceleration server 2000).
I tried the steps described in this article to achieve audio conversation; I opened the Primary Connection TCP 1863 outbound, and the Secondary Connections UDP 5004-65535 Send Receive, TCP 6891-6900 Inbound, TCP 6891-6900 Outbound, and TCP 6901 Outbound.
Further I updated the Firewall Client with [msmsgs]; NameResolutionForLocalHost=E; RemoteBindUdpPorts=0,6901.
Now the MSN Messenger recognices that it is connected to the ISA server as shown in the MSN Messenger TOOLS - OPTIONS - CONNECTION - Advanced Connection Information.
However, still the Audio Connection does not work in both directions.
Also, with reference to Microsoft Knowledge Base Article - 278887, MSN Messenger shall work with Voice Connections via Proxy Server (e.g., ISA).
Please share with me experience, to configure ISA for MSN Messenger, Voice or Audio Connections.
best regards
Martin

(in reply to zzz343)
Post #: 20

Page:   [1] 2 3   next >   >> << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 Misc.] >> Tips & Tricks >> Tips for msn,yahoo,kazaa Page: [1] 2 3   next >   >>
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts