What ports can be blocked to stop chat rooms and instant messaging?

Alexander Dalloz alexander.dalloz at uni-bielefeld.de
Tue Jan 6 03:58:39 UTC 2004


On Tue, 06.01.2004, Bevan Bennett wrote at 04:47:
> Ernest L. Williams Jr. wrote:
> 
> >Hi
> >
> >Which port does one block to stop all AIM and chat room related network
> >activity from going in or out?
> >  
> >
> I don't know which ports modern IM/chat software uses, but these will 
> make for a good start:
> 
> [bevan at vyvyn ~]$ grep irc /etc/services
> irc             194/tcp                         # Internet Relay Chat
> irc             194/udp
> ircs            994/tcp
> ircs            994/udp
> ircd            6667/tcp                        # Internet Relay Chat
> ircd            6667/udp                        # Internet Relay Chat

IRC is typically also accessible through ports 6668-7000, and servers
are even configured to accept connections on none of these standard ports.

> Of course, if you can, it's easier and better to block all ports that 
> you aren't actively using.

Yes, if you really want to prevent the use of such services you must
block all and then step by step open up again until no regular service
complains/faults any more. And open more ports only if they are really
needed.

But - some folks are really clever and tunnel their applications through
'legal' services. So this business is tricky and often needs more than
just a plain list of blocked ports.

Alexander


-- 
Alexander Dalloz | Enger, Germany
PGP key valid: made 13.07.1999
PGP fingerprint: 2307 88FD 2D41 038E 7416  14CD E197 6E88 ED69 5653
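
The block-all-then-open approach described in the message above, sketched as an added example that is not part of the original post: a shell function that prints an iptables-restore ruleset with default-deny policies and a short allowlist. The function names, the sample port lists and the assumption that the machine offers no inbound services are constructed for illustration.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset that drops by default and
# opens only the listed destination ports. Port lists are constructed samples.

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# emit_ruleset "<allowed tcp ports>" "<allowed udp ports>"
emit_ruleset() {
    tcp_ports=$1 udp_ports=$2
    for port in $tcp_ports $udp_ports; do
        valid_port "$port" || { echo "invalid port: $port" >&2; return 1; }
    done
    echo "*filter"
    # Default policy DROP: IRC on 194, 994, 6667-7000 or any other port is
    # refused without ever being listed.
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT DROP [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A OUTPUT -o lo -j ACCEPT"
    for chain in INPUT FORWARD OUTPUT; do
        echo "-A $chain -m state --state ESTABLISHED,RELATED -j ACCEPT"
    done
    for chain in FORWARD OUTPUT; do
        for port in $tcp_ports; do
            echo "-A $chain -p tcp --dport $port -m state --state NEW -j ACCEPT"
        done
        for port in $udp_ports; do
            echo "-A $chain -p udp --dport $port -m state --state NEW -j ACCEPT"
        done
        # Log what is about to be dropped; these entries show which regular
        # service still needs a port opened.
        echo "-A $chain -m limit --limit 5/min -j LOG --log-prefix \"egress-drop: \""
    done
    echo "COMMIT"
}

# Syntax-check before loading (needs root):
#   emit_ruleset "25 80 443" "53 123" | iptables-restore --test
```

Traffic tunnelled through a permitted port such as 443 still passes this ruleset, which is the limit the message points out.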




