Instant messaging can be a useful business tool when used for business purposes. However, many businesses don't
use IM as part of their communications portfolio and the IM traffic is a diversion from their employees' work time. In addition, file sharing can sap network bandwidth. Organizations rightly recognize unregulated IM as a potential source of viruses and worms, identity theft or spoofing, data security exposure, firewall tunneling, and IM spam (often referred to as Spim).
Some well known ports of concern are:
- 1863 for MSN Instant Messenger
- 2980 for wimd Instant Messaging Service
- 4800 for Icona IM System
- 5050 for Yahoo Instant Messanger
- 5190 for AOL Instant Messenger
A complete port list is found at iana.org/assignments/port-numbers. Keep in mind that simply blocking these ports may not be enough. IM clients can use any open port on a firewall such as the HTTP port, Port 80, as well as connect in P2P connections through randomly negotiated ports on a session by session basis. So an application based approach is really required. Therefore many organizations seek to limit or block IM services and it's not a bad idea for an organization to develop and publish an IM policy (look here for an example).
An IM service communicates through a specific port number that is a well known port. If you have a firewall or proxy server you can use this fact to turn off the well known ports that are associated with IM services such as AOL IM, MSN IM and so forth. Products like Zone Labs Enterprise Solutions let you block IM services on an individual basis.
A recent online offering from IMlogic provides a free Internet service for blocking IM, P2P (peer to peer), and VoIP (Voice over IP telephony) services called IM Detector Pro. With this download and Internet based service, an administrator can detect who is using these three types of services and determine what they want to block out. What IMlogic provides is a commercial application called IM Manager to manage these services, and the hope is that once administrators get accustomed to using their software as a blocker that they will sign onto their management service. Other products of this type are FaceTime's IM Auditor and Akonix L7 Enterprise.
Barrie Sosinsky is president of consulting company Sosinsky and Associates (Medfield MA). He has written extensively on a variety of computer topics. His company specializes in custom software (database and Web related), training and technical documentation.