This week I received a question from Scott:
“Management at my company wants to block AIM (AOL Messenger) on all computers. Because some of the machines are not joined to the domain I want a way to do this from a script. The port is 4099 TCP btw. Thanks!”
I spoke with Scott, and I determined that all of his systems are running Vista or Windows 7 (Important since this tip won’t work on XP).
This can be done by adding an outbound rule to the built-in Windows firewall.
But like Scott said, he wants to do it from the command line.
This is easy using the ‘netsh’ command.
To block it we would call it like this:
netsh advfirewall firewall add rule name="BlockAIM" protocol=TCP dir=out remoteport=4099 action=block
Let me explain each setting:
name = The name of the rule. (Pick something descriptive)
protocol = The protocol we are going to block (UDP or TCP for most cases)
dir = The direction of the block. Can be IN or OUT
remoteport = The port of the remote host that is going to be blocked
action = Could be block or allow. In our case we want to block the connection
Once you execute the above command, all outbound TCP connections from this machine to port 4099 on any remote host will be blocked, and the rule shows up as an entry in the Windows firewall.
If you want to remove the rule from the command line, you can call netsh like this:
netsh advfirewall firewall delete rule name="BlockAIM"
That is all there is to it. One line to add a rule, and one line to remove.
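Since Scott wants to run this from a script, here is an added PowerShell wrapper (my own example, not from the original post) that applies the same netsh rule only if it is not already present, then shows what the firewall recorded. The rule name and port are the ones from the post; the helper function name is my own, and the script assumes an elevated (Administrator) prompt, which netsh needs to change firewall rules.

```powershell
# Added example: apply the BlockAIM rule idempotently and verify it.
# Run from an elevated PowerShell prompt on Vista / Windows 7 or later.
$RuleName = "BlockAIM"   # value from the post
$Port     = 4099         # AIM port given in Scott's question

function Test-NetshRule([string]$Name) {
    # netsh prints "No rules match the specified criteria." when the rule is absent,
    # so treat that line as "not present" rather than relying on the exit code.
    $out = netsh advfirewall firewall show rule name="$Name" 2>&1
    return -not ($out -match 'No rules match')
}

if (Test-NetshRule $RuleName) {
    Write-Host "Rule '$RuleName' already exists; nothing to add."
} else {
    # Same rule as in the post, plus enable=yes and profile=any so it applies
    # whether the machine is on the domain, private, or public profile.
    netsh advfirewall firewall add rule name="$RuleName" protocol=TCP dir=out `
        remoteport=$Port action=block enable=yes profile=any
    if ($LASTEXITCODE -ne 0) {
        throw "netsh returned $LASTEXITCODE; is this prompt running as Administrator?"
    }
}

# Print the rule as the firewall stored it, so the script's result is visible.
netsh advfirewall firewall show rule name="$RuleName"
```

Keep in mind that a remoteport rule blocks every outbound TCP connection to port 4099, not just the AIM client, and only takes effect while the Windows Firewall service is running on that profile.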