Control MSN Usage on My Router

Block MSN Messenger by router rules (Dlink 604)

As per subject line.....Am trying to "control" usage at home. Common sense approach with daughter has failed miserably, so I want to be able to restrict it to reasonable periods. I have 2 PC's connected to a Netgear DG834 router. Searching on Google has turned little up. I understand MSN Messenger uses port 1863 outbound, but if this is blocked, it will revert back to port 80. I don't want to block that as that's normal http traffic. I can't see an application blocking within Netgear, so am at a loss. Looking for port 1863 outbound in my traffic logs, I found a "common" IP address...in the range 207.46.xxx.xxx. I did a traceback on this, the "ARIN who is" came back with an address range of 207.46.0.0 to 207.46.255.255 as valid for MSN. Went back into the admin of my Dlink router and tried to create a rule around the IP address range 207.46.0.0 to 207.46.255.255, (TCP) This didn't work as I got an error message returned saying it was an "invalid finish IP" and then an "illegal IP range" I tried various combinations but non seemed to work. Only thing I could think of was...my access to the Dlink admin menu is via IE. Could this possibly be preventing me from blocking this range somehow?? I tried single IP addresses and still get the same error. I even tried 216.239.59.147 (Google.co.uk) which worked fine, so I know that what I'm doing on the router will work on some addresses.

Help/guidance appreciated please

Reply to
Don Farrow
Loading thread data ...

As I had said before, you will need to spend a LOT OF MONEY on a solution. You will need to get rid of your hardware router and go to an ICS/Nat box running on Windows XP. Then you will need to install something like Tiny Personal Firewall, and some proxying software. Bascially, you will have to make everything go through a proxy server. You the block ports

1000-5300, as well as port 80 on the Socks proxy, and it will work. Tiny Personal Firewall can keep certain applications on the ICS box from access specific addresses or ports, so you can allow the program handling the HTTP proxy to get out on port 80, while disallowing it on your Socks server. An ICS box using Tiny Personal Firewall is the ONLY way you are going to be able to stop it.
Reply to
Charles Newman

"Don Farrow" wrote in news:n3yae.2472$ snipped-for-privacy@read1.cgocable.net:

I had no problem setting that outbound rule based on the above info using IE to access the WatchGuard admin screen. So the IP (s) are vaild as far as the WG is concerned.

No, IE has nothing to do with it.

I don't know anything about the D-Link and maybe soemone will step in and help or you should call D_link Tech Support to help you. Duane :)

Reply to
Duane Arnold

you could put a scheduled job onto the PC that ran command

route add 207.46.0.0 mask 255.255.0.0 some-address

If you router is on 192.168.1.1 then use 192.168.1.254 for some-address

then to restore at some other time, schedule another job to

route delete 207.46.0.0

How does this work?

It says to the PC if you want to connect to msn, connect through the router at 192.168.1.254 - there is no router there, so it cannot connect

Reply to
no-one

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.