Is there a simple way to block IRC and IM?
Although a common concern, I have not seen a simple way to block IRC and IM. If there is an FAQ for this, please forgive me and point me to it. I have a network at home and at work and use Netgear fvs318 DSL routers. These boxes have the ability to block port ranges as well as keywords in the URL, but not IP ranges.
An IM client can connect in many different ways. The users are smart these days and when it comes to IM, they know it all. If the default connection port is blocked at the gateway, it can be changed at client and get connected. The other ways used are SOCKS or HTTP to connect.
The best way to block any IM from connecting to its service is by blocking access to its Authentication servers. So blocking traffic to this destination will effectively shut it down. But since these authentication servers are added regularly, you will need to update your router/firewall rules accordingly.
Just make sure that the firewall or router you buy works with IP ranges and have a good reporting capability. Sonicwall SOHo3 is a good firewall in this segment and also offers stateful inspection.
This was first published in December 2003