You need to block access to the login server IP's. If I remember it is login.oscar.aol.com. Just nslookup the ips associated and block them ( I do it via a route to null0)
Same process with Yahoo IM, although you have to block about a million address's it seems like. Both services change IP's regularly and you will need to periodically check to see if new address's are brought on line. Be aware that the process of blocking YIM will sometimes break access to yahoo e-mail servers that are in the same range as the login servers. Also, Be sure to find the Java script client IP address of AOL and block it as well. I didn't know that it existed until I walked by someone's desk and they were just a chatting away. Man was I PO'd bout that one. It is not an easy process to block and keep them blocked. Both services are evolving and finding new ways around firewalls so you have to stay vigilant until you can get those that be to press down and say its not authorized and those using it will be disciplined. Larry -----Original Message----- From: Walls Matthew [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 05, 2002 10:13 AM To: [EMAIL PROTECTED] Subject: info on blocking aol im [7:34459] Looking to block aol im with pix and 2600s router. Seems to use multiple ports, etc.... Any advice on blocking this?... Matthew J. Walls Sr. Systems Engineer, Systems Development [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=34467&t=34459 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]