Using ISA Server 2004 to prohibit offending software

Now Peer-to-peer software is very popular, but also provides a variety of login methods, which gives us to do network management to blockade it, bring a lot of inconvenience. Below I use the domestic commonly used QQ and MSN to introduce to everybody, uses ISA Server 2004 's Enhanced HTTP protocol inspection function, to completely prohibit them.

Since to block them, first of all, QQ and MSN use of the agreement to carry out analysis, to the enemy, to the blockade and the anti-blockade of the contest won.

First introduce MSN. MSN uses the TCP 1863 port to log on. Blocking this port can be a good ban on MSN login, but in the case of using HTTP proxy, MSN can easily break through the limit of 1863 ports.

Say again QQ. QQ Login process is like this, in the default, QQ first to the server group 8000 port to send UDP packets, from the server group's reply to choose one of the fastest as a login server; if there is no server reply, use TCP 80/443 port for connection. Because he can use HTTP direct connection, and generally can not block the HTTP protocol, so the best way to block QQ is to block its server IP. However, if you use the HTTP proxy login, you can still QQ.

The address of the QQ server is as follows, last updated on June 1, 2004. However, Tencent may increase the server at any time, but the policy is very simple, if you can QQ, you are in the QQ system attributes look at the current login server IP, and then add in.

QQ server is divided into three categories:

1, UDP 8000 Port class 18: The fastest, most servers.

QQ Online will send UDP packets to these servers, choose the fastest reply as a connection server.

61.144.238.145

61.144.238.146

61.144.238.156

61.144.238.150

202.104.129.251

202.104.129.254

202.104.129.252

202.104.129.253

61.141.194.203

202.96.170.166

218.18.95.221

219.133.45.15

61.141.194.200