Block Port 80 for Windows Live Messenger to save bandwidth?

Hi :slight_smile:

I am trying to block the ads on Windows Live Messenger as I am sometimes using a NextG connection which is hideously expensive.

I tried setting a rule to allow certain ports, but it seems to break. I instead would like to just block port 80 and allow all others, but can’t see how to make two rules at once. If I block port 80 Comodo asks permission to contact DNS, etc, and just creates a new rule, ignoring the existing block rule.

Can anyone help here?

Cheers, Mike.

G’day and welcome to the forums.

Good to see another Aussie on board.

You do realise that NextG is Telstra’s nice way of asking for your next thousand dollars, don’t you? LOL

It is possible to set up a rule to block port 80 for a specific application.

In CFP V3 Beta2, click on FIREWALL - ADVANCED - APPLICATION RULES. Scroll down and find the existing rule for Messenger. Select it and click REMOVE (after noting the name of the Messenger executable). Now click ADD. Select the Messenger executable and then click the ADD button to specify how we want Messenger to be able to communicate. Use the following parameters;

Action : ALLOW
Protocol : TCP or UDP
Direction : IN/OUT
Description : Type in a name for this rule that makes sense to you
Source Address : ANY
Destination Address : ANY
Source Port : ANY
Destination Port : (CLICK THE EXCLUDE OPTION) 80

This Applicaton Policy will stop all outbound Messenger traffic destined for port 80. Whether Messenger will tolerate having its ads blocked or not is unknown.

If you’re using CFP V2, the above rule is created in pretty much the same manner, but in the Application Monitor. The only real difference is that you can’t give your rule a user definable description.

Please post back here if this rule works out. I’m sure there are other NextG (or any other wireless broadband provider) users that could benefit.

Hope this helps,
Ewen :slight_smile:

G’day Panic :slight_smile:

Thanks!

OK, I tried what you suggested - removed entries, browsed for Windows Live Messenger (still in the MSN Mesenger program files folder) and created the rule as suggested.

This is version 2 by the way (2.4.18.184)

Unfortunately, as soon as I open Messenger, it asks if Messenger is allowed to act as a server, and then if it has permission to talk on port 53 (dns) which of course I have to accept if it’s going to work. Thereafter the port 80 restriction is ignored. If I allow it and tick the always box, then a second rule appears under Application Monitor.

Perhaps I should try version 3?

By the way, I normally use Miranda instead of Messenger, but occasionally customers want to test webcams, etc, so I forget to turn it off. Using the images-show-hide extension and the NoFlash extensions in Firefox also help to save precious bandwidth on NextG. Remembering to turn Hamachi off also helps :wink:

Cheers, Mike.

Hey Mikey,

Do a search for the ports that Messenger is actually using and set up explicit rules for those ports/protocols (including one for DNS). If you have explicit rules in place, it won’t attempt to create generic ones that override any other specific ones.

Cheers,
Ewen :slight_smile:

Alert Frequency is the caveat to that, though. If AF level is set lower than High (to include Port detail), any change giving a popup to which user responds Allow w/Remember will create an entirely new rule based on the AF level, and overwrite all previous rules of more detail for that application.

If you want to control Port access consistently, you will have to change AF to High; this will be a globally-applied setting for all applications. Fortunately for most applications that won’t matter.

LM

Hey Mac,

I thought that if he manually creates the rules for all required ports before running Messenger, he wouldn’t get any pop-ups, therefore there wouldn’t be any new “looser” rules made, regardless of the AF setting.

Is my line of thinking correct or have I missed something?

Ewen :slight_smile:

IF the rule is created such that there is absolutely no reason for CFP to give an alert - ie, the details must match exactly, then there would not be an alert; you are correct in that.

However, if there is the slightest detail of difference (and with WLM that seems to be likely) there will be. The first time any component (or the application itself) updates or changes in any way and the user responds with Allow & Remember… poof! The existing rule(s) are gone.

If you look at Windows KB articles on all the versions of Messenger, it essentially requires free access to virtually every port; this will vary depending on which version is connecting to which version, what you’re using it for, and so on. That’s why I think it would be very difficult to create application rules to control its port access without changing the AF Level to High.

LM

hi, my name is carlos and im trying to block the live msn access on my computer, so mi question is how can i do that?? im a begginer on this of the firewalls, and i was thinking that the windows firewall was the only one… (:AGL), well i start to find and found this one, and i need to protect it with a password with the purpose that don`t be unistalled for anyone

can i do all with comodo??

thanx

i hope some comments

Carlos, if you want to block MSN Live Messenger, you would do so in manually Application Monitor. You also have the option to Define it as a New Banned Application in Security/Tasks (this would be the easiest route, as it would automatically add appropriate Application rule(s).

Of course, you could always uninstall MSN Live Msgr…

Oh, and at the present time, password/security control is not available for CFP 2.4. CFP v3 (currently in Beta testing) does have it, but as stated, that is still in Beta testing and not fit for general usage.

LM

PS: Welcome to the forums.

hi,

did you look google for stop that?

i dont think a firewall can do.

Mike

Panic
this was not my experiance for 2.4
I had my alert freq Medium and created speciftc rules blocking or allowing applications and CFP2.4 would prompt me and create general rules and place them above my rules for applications I had already created general rules even if the ports were already denied and/or I denied them I would loose conectivity for at least that app. and at times comletely

and I tried

setting my alert frequencies high and creating general rules blocking or allowing applications and CFP2.4 would prompt me and create to specific rules and place them above my rules for applications I had already created general rules
this was the better option however it led to alot of pop-ups

OD

PS I did like LM suggestion tha should work very well

Edit Note: section on the beta Deleted

Try this :wink: