blocking yahoo messenger based on The order in which Yahoo Messenger scans for available ports is:
1. port 5050
2. port 80
3. All available ports
is impossible,"its better disconnect internet :)"
the other way is to block yahoo messenger service addresses, like:
scs.msg.yahoo.com
scsa.msg.yahoo.com
scsb.msg.yahoo.com
scsc.msg.yahoo.com
and or these ip's like this:
/sbin/iptables -A OUTGOING -d 63.216.136.22 -j DROP
/sbin/iptables -A OUTGOING -d 66.135.224.142 -j DROP
/sbin/iptables -A OUTGOING -d 66.136.175.132 -j DROP
/sbin/iptables -A OUTGOING -d 66.163.168.105 -j DROP
/sbin/iptables -A OUTGOING -d 66.163.172.117 -j DROP
/sbin/iptables -A OUTGOING -d 66.163.173.76 -j DROP
/sbin/iptables -A OUTGOING -d 66.163.173.77 -j DROP
/sbin/iptables -A OUTGOING -d 66.163.173.78 -j DROP
/sbin/iptables -A OUTGOING -d 66.163.173.203 -j DROP
/sbin/iptables -A OUTGOING -d 66.163.175.128 -j DROP
/sbin/iptables -A OUTGOING -d 66.163.178.78 -j DROP
/sbin/iptables -A OUTGOING -d 204.71.200.36 -j DROP
/sbin/iptables -A OUTGOING -d 204.71.200.37 -j DROP
/sbin/iptables -A OUTGOING -d 204.71.201.134 -j DROP
/sbin/iptables -A OUTGOING -d 204.71.201.141 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.173.172 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.173.179 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.175.132 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.175.142 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.175.143 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.175.144 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.175.145 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.175.145 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.175.226 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.224.134 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.224.142 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.224.213 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.224.213 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.224.214 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.225.12 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.226.117 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.226.118 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.226.209 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.226.210 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.227.168 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.233.129 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.233.130 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.233.131 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.233.133 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.233.135 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.233.148 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.233.151 -j DROP
/sbin/iptables -A OUTGOING -d 216.136.233.152 -j DROP
but, in new version of yahoo messenger i can connect.
is any other way to block yahoo messenger? or is fault in my above solutions?
This will reject requests on port 5050 going to any ip, please try it and let me know if it works for you
From what i read yahoo can use the http port aswell and i belive a fine way to catch it on the http would be having squid working on it.
You could block these aswell.
If yahoo messenger then tries to adapt itself picking up any other port you would need to start your firewall having a DROP ALL rule and then openning what you actually need, For example:
Let's say your network is 192.168.1.0/24, the bellow rule will block it:
From here you would create what you want to permit, for example:
Then if you have squid acting for http, https requests, etc. You would redirect it to squid, from squid you would filter http/s and any other related application from accessing the internet from that network.
You could aswell use squid with squidguard.
why not just give those hostnames a bogus IP (either via CNAME or A) in DNS rather than dropping the packets. seems like it would be less of a load on your firewall (and fewer rules).