Problem solve Get help with specific problems with your technologies, process and projects.

Blocking Yahoo Messenger at the firewall

Is it possible to block Yahoo Messenger at the firewall level? If so, how?

Blocking messenger services is difficult but not impossible. The newer messenger applications have been designed to thwart firewalls and other security by searching for an open port OR using the standard HTTP port 80. Most company's have enforced Internet use by blocking all outbound traffic and using a proxy device for connection to the Internet.

A proxy device you say? Yes, a proxy between the internal and external networks that allows you to control who has access to the Internet and what they can see. The proxy can be transparent where the user does not have to enter anything, or you could require a password for each person. In any event, the proxy allows you to track what each port is used for, plus you could block certain IP traffic, IP addresses or additional ports. Simple reporting would allow you to find who is attempting these processes and stop them.

I would recommend implementing an "acceptable use policy" within your company prior to starting punitive action, otherwise you will have no company documentation to support your findings.

Finally, if you don't want to implement a proxy, I hope you have some type of content checking in place. Open/free access to the Internet from any desktop leaves a huge hole open to the internal private networks that could leave your company open to hackers or malicious code. Install some protective measures for the sake to the company.

For news, advice and other information about application security, click here.

This was last published in July 2002

Dig Deeper on Application firewall security

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.