Tip

Instant messaging service blockers

Instant messaging can be a useful business tool when used for business purposes. However, many businesses don't use IM as part of their communications portfolio and the IM traffic is a diversion from their employees' work time. In addition, file sharing can sap network bandwidth. Organizations rightly recognize unregulated IM as a potential source of viruses and worms, identity theft or spoofing, data security exposure, firewall tunneling, and IM spam (often referred to as Spim).

Some well known ports of concern are:

  • 1863 for MSN Instant Messenger
  • 2980 for wimd Instant Messaging Service
  • 4800 for Icona IM System
  • 5050 for Yahoo Instant Messanger
  • 5190 for AOL Instant Messenger

A complete port list is found at

    Requires Free Membership to View

iana.org/assignments/port-numbers. Keep in mind that simply blocking these ports may not be enough. IM clients can use any open port on a firewall such as the HTTP port, Port 80, as well as connect in P2P connections through randomly negotiated ports on a session by session basis. So an application based approach is really required. Therefore many organizations seek to limit or block IM services and it's not a bad idea for an organization to develop and publish an IM policy (look here for an example).

An IM service communicates through a specific port number that is a well known port. If you have a firewall or proxy server you can use this fact to turn off the well known ports that are associated with IM services such as AOL IM, MSN IM and so forth. Products like Zone Labs Enterprise Solutions let you block IM services on an individual basis.

A recent online offering from IMlogic provides a free Internet service for blocking IM, P2P (peer to peer), and VoIP (Voice over IP telephony) services called IM Detector Pro. With this download and Internet based service, an administrator can detect who is using these three types of services and determine what they want to block out. What IMlogic provides is a commercial application called IM Manager to manage these services, and the hope is that once administrators get accustomed to using their software as a blocker that they will sign onto their management service. Other products of this type are FaceTime's IM Auditor and Akonix L7 Enterprise.


Barrie Sosinsky is president of consulting company Sosinsky and Associates (Medfield MA). He has written extensively on a variety of computer topics. His company specializes in custom software (database and Web related), training and technical documentation.


This was first published in October 2004

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.