MSN Messenger and Remote Assistance

Discussion in 'MCSE' started by RedCell, Oct 13, 2005.

  1. RedCell

    RedCell Guest

    Hi all,

    I'm ready the first book for MCSE / MCSA, 70-290 - Managing and Maintaining
    a Microsoft Windows Server 2003 Environment.

    In part II they are speaking about MSN Messenger and Remote Assistance.
    In the case it says:


    Case Scenario Exercise

    As part of the Remote Administration of your enterprise, your company has
    enabled Remote Assistance on each computer. Your sales representatives
    travel frequently, and use laptops to perform their work while they travel.

    On your internal network, you use Windows Messenger for spontaneous
    communication with your clients, and for Remote Assistance. You do not,
    however, allow for Instant Messenger traffic across the Internet by closing
    port 1863 at the firewall.

    You want to perform Remote Assistance for your remote users, but cannot
    connect to them with Windows Messenger to determine whether they are online.


    I was wondering, how do they use Messenger on the internal network when they
    have blocked the MSN internet traffic?
    I want to block the MSN traffic and blocked port 1863 but MSN still
    connects, what port do i need to close to block MSN?
    RedCell, Oct 13, 2005
    #1
    1. Advertising

  2. RedCell

    MitchS Guest

    "RedCell" <> wrote in message
    news:58ee2$434e5186$52cc236a$...
    > I was wondering, how do they use Messenger on the internal network when
    > they
    > have blocked the MSN internet traffic?


    Cause it's not going over the firewall to the intarweb.

    > I want to block the MSN traffic and blocked port 1863 but MSN still
    > connects, what port do i need to close to block MSN?


    Personally I would disallow it's use in a GPO. I think that would be
    easiest.
    --
    Mitch "yer such a Jameshole" S.
    MCSA, A+, Net+, CCNA
    "Place your bet - Ah say - place your bets, gentlemen.
    Winnner plays, loser stays. Everyone's a winne - well, not everyone."
    MitchS, Oct 13, 2005
    #2
    1. Advertising

  3. Messenger uses three different servers. One for login, one for presence, and
    one for messages. You'll need to block all three ports.

    "MitchS" <m remove this > wrote in message
    news:u4AnMO$...
    > "RedCell" <> wrote in message
    > news:58ee2$434e5186$52cc236a$...
    >> I was wondering, how do they use Messenger on the internal network when
    >> they
    >> have blocked the MSN internet traffic?

    >
    > Cause it's not going over the firewall to the intarweb.
    >
    >> I want to block the MSN traffic and blocked port 1863 but MSN still
    >> connects, what port do i need to close to block MSN?

    >
    > Personally I would disallow it's use in a GPO. I think that would be
    > easiest.
    > --
    > Mitch "yer such a Jameshole" S.
    > MCSA, A+, Net+, CCNA
    > "Place your bet - Ah say - place your bets, gentlemen.
    > Winnner plays, loser stays. Everyone's a winne - well, not everyone."
    >
    Microcephalic S. Bob, Oct 13, 2005
    #3
  4. RedCell

    Neil Guest

    did you hear "RedCell" <> say in
    news:58ee2$434e5186$52cc236a$:

    > I was wondering, how do they use Messenger on the internal network
    > when they have blocked the MSN internet traffic?


    Live Communications Server or MSN Messanger Conect for Enterprises.
    Likely Live Comm though...

    > I want to block the MSN traffic and blocked port 1863 but MSN still
    > connects, what port do i need to close to block MSN?


    becuase in many cases MSN IM will then drop down to using port 80 for
    communication. As mentioned by Mitch, GPO in 2003 can resrtict usage of
    software, either by path (then they install it into another directory),
    or by hash (then the upgrade wont get caught), by internet zone or by
    certificate. and all they will need to get around that would be to use
    something like trillian for IM or even better, use the web version of
    MSN. you may want to consider adding a black hole to your DSN entries for
    http://webmessenger.msn.com/ and pull out a sniffer (ethereal) to find
    what the full client uses for a URL and forward that one to Dave Null
    too.

    --
    Neil MCNGP#30

    - Enter any 11-digit prime number to continue:
    Neil, Oct 13, 2005
    #4
  5. RedCell

    RedCell Guest

    Is the GPO available in Windows 2000 Server?


    "MitchS" <m remove this > schreef in bericht
    news:u4AnMO$...
    > "RedCell" <> wrote in message
    > news:58ee2$434e5186$52cc236a$...
    >> I was wondering, how do they use Messenger on the internal network when
    >> they
    >> have blocked the MSN internet traffic?

    >
    > Cause it's not going over the firewall to the intarweb.
    >
    >> I want to block the MSN traffic and blocked port 1863 but MSN still
    >> connects, what port do i need to close to block MSN?

    >
    > Personally I would disallow it's use in a GPO. I think that would be
    > easiest.
    > --
    > Mitch "yer such a Jameshole" S.
    > MCSA, A+, Net+, CCNA
    > "Place your bet - Ah say - place your bets, gentlemen.
    > Winnner plays, loser stays. Everyone's a winne - well, not everyone."
    >
    RedCell, Oct 13, 2005
    #5
  6. RedCell

    RedCell Guest

    What are the port numbers?
    I can only find one. (1863)

    "Microcephalic S. Bob" <http://www.planetoftheheads.com/> schreef in bericht
    news:OAst0a$...
    > Messenger uses three different servers. One for login, one for presence,
    > and one for messages. You'll need to block all three ports.
    >
    > "MitchS" <m remove this > wrote in message
    > news:u4AnMO$...
    >> "RedCell" <> wrote in message
    >> news:58ee2$434e5186$52cc236a$...
    >>> I was wondering, how do they use Messenger on the internal network when
    >>> they
    >>> have blocked the MSN internet traffic?

    >>
    >> Cause it's not going over the firewall to the intarweb.
    >>
    >>> I want to block the MSN traffic and blocked port 1863 but MSN still
    >>> connects, what port do i need to close to block MSN?

    >>
    >> Personally I would disallow it's use in a GPO. I think that would be
    >> easiest.
    >> --
    >> Mitch "yer such a Jameshole" S.
    >> MCSA, A+, Net+, CCNA
    >> "Place your bet - Ah say - place your bets, gentlemen.
    >> Winnner plays, loser stays. Everyone's a winne - well, not everyone."
    >>

    >
    >
    RedCell, Oct 13, 2005
    #6
  7. RedCell

    Neil Guest

    did you hear "RedCell" <> say in news:9494a$434e6741
    $52cc236a$:

    >
    > Is the GPO available in Windows 2000 Server?


    no

    --
    Neil MCNGP#30

    - Hollow points: When you care enough to send the very best!
    Neil, Oct 13, 2005
    #7
  8. RedCell

    Neil Guest

    did you hear "RedCell" <> say in news:e0bb5$434e6900
    $52cc236a$:

    >
    > What are the port numbers?
    > I can only find one. (1863)


    often dymanically selected by the client.

    --
    Neil MCNGP#30

    - "We're philosophers. We think, therefore we am."
    Neil, Oct 13, 2005
    #8
  9. "RedCell" <> wrote
    > What are the port numbers?
    > I can only find one. (1863)


    My advice here is simple... Uninstall messenger. Put a dummy executable in
    the place of msmsgs.exe that can't get overwritten by the install, and that
    shows a picture of tubgirl whenever it's clicked. If she's as hideous as
    people are saying, that should stop people from running the program. Also,
    display the wrong number for tech support on the app, so people don't call
    you about it.
    Microcephalic S. Bob, Oct 13, 2005
    #9
  10. RedCell

    CBIC Guest

    Microcephalic S. Bob wrote:
    > "RedCell" <> wrote
    >> What are the port numbers?
    >> I can only find one. (1863)

    >
    > My advice here is simple... Uninstall messenger. Put a dummy
    > executable in the place of msmsgs.exe that can't get overwritten by
    > the install, and that shows a picture of tubgirl whenever it's
    > clicked. If she's as hideous as people are saying, that should stop
    > people from running the program. Also, display the wrong number for
    > tech support on the app, so people don't call you about it.



    Bob, you are a freakin' genius.
    --
    aka
    Doom MCNGP #38
    Is that a burdizzo in your pocket or are you just glad to see me.
    CBIC, Oct 13, 2005
    #10
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Peter Sale
    Replies:
    1
    Views:
    11,961
    Robin Walker
    Dec 11, 2004
  2. The Prophecy
    Replies:
    1
    Views:
    5,025
    ┬░Mike┬░
    Jun 18, 2004
  3. anthonyberet
    Replies:
    0
    Views:
    915
    anthonyberet
    Oct 8, 2006
  4. wewa
    Replies:
    3
    Views:
    2,055
    Andre Da Costa [Extended64]
    Jul 15, 2005
  5. Kyote

    Windows Live Messenger and Remote Assistance problem

    Kyote, Mar 9, 2008, in forum: Computer Information
    Replies:
    6
    Views:
    10,493
    thomcat7777
    Apr 18, 2009
Loading...

Share This Page