Welcome to Sign in | Join | Help
in
Home Blog Forums

The Lazy Admin

Blocking Instant Messengers With ISA Server

Sponsor

Instant Messenger services are popular and can be quite insecure. As an example, the recent Bropia worm was spread through MSN Messenger forcing a mandatory upgrade of the IM client. For this reason you may wish to block IM traffic and prevent your users from communicating via MSN Messenger, ICQ, etc...

Blocking IM traffic is quite easy with ISA Server 2004. If you are using the Firewall Client on the workstations you can edit the client configuration INI file, mspclnt.ini, to block the application(s). Launch ISA Server Management and expand the Configuration node, then click on the General node. In the General Properties window click on Define Firewall Client Settings to open up the Firewall Client Settings. Click the Application Settings tab.

Click the new button and enter the IM application name (only the name, not the extension). The most popular IM clients are: MSN Messenger - msnmgr.exe and msmsgs.exe Yahoo Instant Messenger - ypager.exe and yupdater.exe AOL Instant Messneger - aim.exe Trillian - trillian.exe GAIM - gaim.exe ICQ - icq.exe I don't use AIM so I'll pick on them and block them in my example!

Set the Key to "disable" and the Value to "1". When complete press OK. The Firewall client configuration is now complete.

Click OK and then click the Apply button in ISA Server Management to apply the changes. The new firewall client settings will get pushed out at the next interval and the IM applications will be blocked. You can use the same process to block IM applications on ISA 2000 however access to the firewall properties configuration is slightly different.

Open the ISA Server Management MMC and expand Servers and Arrays, then expand your server. Click on the Client Configuration node, and then double click on the Firewall Client entry in the right pane. Configure the firewall client in the same manner described above. If you are using SecureNAT instead of the Firewall Client it is still possible to stop IM usage by blocking access to the sites with a Destination Set (ISA 2000) or a Domain Name Set (ISA 2004).

For more information see:

ISA 2000 Destination Sets

ISA 2004 Domain Name Sets





Published Friday, March 04, 2005 7:57 AM by rodney.buike
Filed under:

Comments

No Comments
Anonymous comments are disabled

This Blog

Powered By

 

Syndication

Sponsors

 
 
Get a free 5GB e-mail account @isalazyadmin.com

Affiliates

Canadian IT Professionals

Canadian IT Managers

Certifications & Awards


All postings are provided "AS IS" with no warranties, and confer no rights.
Microsoft product screen shot(s) reprinted with permission from Microsoft Corporation.
Copyright TheLazyAdmin Inc. All Rights Reserved 2004-2008