It sounds like what you say might be true, that the messenger tried various ports and chose one of the open ones to work through. I'm not familiar with that software but I have seen software that does that.
As to the open oprts that cannot be closed, it all depends on which direction the ports are open in (outside-to-in, or inside-to-out). I suspect the Linksys guy might have been saying these ports are open from the inside to the outside by default and although you might be able to block others if you want to, you cannot block these. This highlights a couple of things I've experienced, 1) That Linksys kit sometimes has unexpected "features" and limitations, and 2) That although I have to belive Linksys support do know what they are talking about they don't always express it very precisely (and on occasion they're just plain wrong).
Most of the ports you listed are for well-known services anyway so I suppose I can understand why they choose to let them through. Linksys kit is designed with the home user or small office in mind, it's for basic connectivity applications where you don't want to do anything out-of-the-ordinary. And it works fine for that. But if you want total flexibility then it might not do the job for you.
I think as Chris rightly said the solution to your problem lies not with the firewall but with access to sites and resources. You could try web blocking software such as Net Nanny to restrict access to dubious websites. Or another approach if you have multiple user profiles on your machine for different family members is to restrict the more risky software to the trustworthy users only. Finally, you could go the other way and not try to restrict but log everything and review the logs periodically. That way if anything unsavoury is going on you could intervene
Thanks for the input Bishop. Yes, I think you and everyone are right and you have had good suggestions about using 3rd-party software to control access. Indeed as you have all pointed out, this is the ONLY way to control access with the Linksys firewalls or as you so aptly pointed out, just allow everything but monitor and let the kids know they're being monitored and logged.
Interestingly, I just found out that Linksys is trying a brand new conceptin their latest wireless router:
They are including in it a feature called "Parental Control", which apparently they have licensed from Netopia, Inc. It seems very clever, is web site based parental security (their web site somehow) and requires a small annual subscription fee to get continuous updates to the list of safe sites. It seems quite comprehensive (well at least for home use, although there are still security holes if you read the featuers/limitations very carefully!) and may be the best solution to protect and entire families set of PCs on their home network WITHOUT having to install and configure software in each PC in the house. It's also login and password based, so it will work on any old PC, even Win95/Win98 PCs
You're welcome Steve
Just on the logging front, I heard about that from a friend in California who had signed up to a web service that provides, as he described it, "accountability software". I think from his description that the service provider gives you a proxy that you access everything through and which, of course, logs it all. You then have a login to a web page that gives you the info
Re: OMG! Yahoo Messenger Video Shock.
13 years 8 months ago #8746
This looks like it has been resolved. But, can I just add one thing more.
I have a work support laptop with wireless connectivity. The first day I took it home, I switched in on (before I had installed my router which also has wireless connectivity), and discovered that there was a linksys box near my house. Imagine my shock when I discovered that not only could I see it, but, I could login and surf the internet with it. So, if you are looking at monitoring your box, be aware that you may see activity when no-one at home is logged in :!:
Sorry if this is not the sort of thing you wanted to hear, but I thought you should know.