# blocking an ip port



## sebas (Nov 25, 2004)

at work people are using MSN Messenger to much
how can i block/disable the right ip port on MacOSX 10.3.x
i found several IP-ports of MSN Messenger

I've tried to put these port numers in the OSX Firewall and turning these of, but MSN Messenger still connects.

Found IP-Ports:
5190 (UDP)
1863 (TCP/UDP)
6891-6900


----------



## Zammy-Sam (Nov 25, 2004)

I know about a konfabulator widget that shows used ports and the corresponding application. Don't know if this is of any help, but I will just post it:
http://www.widgetgallery.com/view.php?widget=36005
Good luck!


----------



## bobw (Nov 25, 2004)

msn ports....

  389 : TCP MSN NetMeeting 
  522 : TCP MSN NetMeeting 
  1503 : TCP MSN NetMeeting Whitebord and Application Sharing 
  1720 : TCP MSN NetMeeting 
  1731 : TCP MSN NetMeeting 
  1838 : TCP MSN Messenger (Gamevoice) 
  1863 : TCP/UDP MSN Messenger primary (incoming) 
  2300 : TCP/UDP MSN Gaming Zone DX (incoming) - ports 2300-2400 
  2880 : TCP MSN Gaming Zone (ports 2880-29000). Caution: all ports open will become a security problem! 
  3389 : TCP MSN/Microsoft RDP (Remote Desktop Protocol) for Remote Assistance 
  6667 : TCP MSN Gaming Zone (incoming) 
  6891 : TCP MSN Messenger Filetransfer (incoming) - ports 6891 - 6900, one port per file transfer 
  6901 : TCP/UDP MSN Messenger Voice Telephony (incoming) 
  28800 : TCP MSN Gaming Zone (incoming) - ports 28800 to 29000 
  47624 : TCP MSN Gaming Zone DX (incoming)

http://www.weethet.nl/english/ipports.php


----------



## sebas (Nov 25, 2004)

And now the BIG question:

Is it possible to block these ports on a user computer and not at the router/server???
Or do i have to set up a proxy server or the firewall on the router?
i want to block several users in the network from using MSN Messenger


----------



## bobw (Nov 25, 2004)

You should be able to block services to a machines IP at the router.


----------



## sebas (Nov 25, 2004)

We have a Sweex router
i've setup that the router should route the ip ports to a not existing ip address
but msn messenger still connects

i've set this up for port number: 1863 and 5190

these sweex routers cannot block ip ports


----------



## bobw (Nov 25, 2004)

BrickHouse is what you want, I believe. Put it on the machine, block ports you want, and restrict access to it via Permissions.


----------



## ElDiabloConCaca (Nov 26, 2004)

You can also block ports with Mac OS X's own built-in firewall, available to configure in the "Sharing" pane of System Preferences.


----------



## scruffy (Nov 26, 2004)

Just for clarity - Brickhouse uses the OS X kernel firewall, it's just a much nicer GUI than the OS has included, and lets you configure things to a sensible degree.


----------

