AIM, iChat, etc

H. Peet Foster HPeetFoster-Design at snet.net
Sun Jun 27 07:32:14 PDT 2004 

> From: Chris Scott <crscott at newsguy.com

> ...http://docs.info.apple.com/article.html?artnum=93208
>
> It seems to me that you could simply go into System
> Preferences>Sharing>Firewall, turn the firewall on, and make sure
> that iChat AV is unchecked.  I don't know which ports are used by
> AIM, but that might be addressed in the article.  You would simply
> use the dialogue in the firewall window to add those ports, and
> verify they are unchecked.

I didn't have an "iChat AV" setting in the Firewall pane so I created 
one using the four ports suggested in the link that you posted above: 
5060, 5190, 5297, 5298, turned the firewall on with iChat AV unchecked. 
  Didn't work!  Both iChat and AIM connected, sent and received 
messages, and only Rendezvous was blocked.

> You could start by blocking Port 5190, the AIM default.
>
> ~flipper

Thanks flipper.  See above.  I did try an additional step of blocking 
only Port 5190 to no avail also.

> From: John <simplymail at ururk.com>

> ...If you have a wireless OR wired ethernet router, and if that is the 
> way
> you connect to the internet, you can block the ports in that box.

We are using two airport base stations (grey and an extreme) on an 
extended network.  I am not sure how to turn off ports with the ABS 
software.  It does allow for Port mapping.  However, it does seem a 
little too draconian.

Thanks to all for your suggestions, and especially thanks to MBurke62 
who replied in length OL with really great parental advice.  (I would 
be willing to share with the list - up to you Stephen).

I am still stumped on this one and a little bit cheesed (not at my 
daughter but at AIM/iChat) for the following reasons:

1).	Software can be installed by a non admin user without an admin 
password.  This particular type of software opens ports and allows for 
direct file transfers with a click of the mouse.  Is this not a 
potential security issue?

2).	There does not seem to be a straightforward way to control this 
application.  For instance, it would be useful to disable certain 
components of it such as file transfers or just the video for certain 
users (such as underage kids) while leaving it fully functional for 
other users.  Again, this is from a security standpoint, not a control 
standpoint.

This is way OT to the list, I know, but you all are the best Mac 
brains.  Thanks again for your input.

Peet

More information about the Titanium mailing list