OK, this is now a personal challenge

I’ve got a few people, just a very few, that I’d like to be able to IM chat with while I’m at my desk at work. A couple are work related, plus my wife. But the IT gurus here at work have effectively blocked out the ability to use IM on our network. In fact, I can’t even go to the Yahoo Messenger link due to our firewall.

Is it really important for me to be able to use AIM or Yahoo Messenger at work? Nah. It would be nice, but it’s not critical. But someone here at work told me it was “impossible” to make it work - and that just pushed my button.

So - is there a clever but effective way to get an IM to work in spite of network admins’ firewalls? Heck, my daughter sure seems to be able to get it to work in spite of any type of home network blocking (I’m not against her using it, she just would stay on it until 4:00 am on school nights if I didn’t drag her off.)


I can think of many potential ways around such a blockage, but they all get pretty technical and lots involve the idea that you have to control some sort of server outside the firewalled network.

What I do to dodge all this crap at work is tunnelling, basically a subset of VPN functionality. I negotiate an encrypted link to my home linux system from my work linux system over a port that is unfiltered. 80 or 22 are often good choices. Then once the traffic has been redirected to my home system, it can reroute back out to the internet on any port/protocol I desire since the work firewall has been completely bypassed.

P.S. this is all of course completely hypothetical. I would never violate the security policies that the fine upstanding network administrators at my company have put in place.

Have you tried changing the ports that AIM uses? also you can use the web based AIM client and that will still work.

its called AIM express. Also AIM can use a damn lot of ports. I am sure you could find one thats open.


“The Website you have attempted to visit is being blocked by content filtering software in accordance with company policy.”


If your company went to the trouble of blocking IM, they would probably get upset if you bypass those measures. Don’t fuck with your job, man. Pick up 12 year old girls on your own time.

Here’s a fun way to get IM at work. Get a vendor or somebody external that you need to liase with to send an email along the lines of “we need to get in touch on important topic X, my IM name is”.

Then fill out a helpdesk ticket complaining that you can’t get IM to work.

I’ve seen this tactic work, the helpdesk actually got the network admins to remove IM filtering because it was a “necessary business communication application”

Are they blocking the Trillian client as well? It’s my client of choice, and it may have gone under their radar.

They don’t have to block clients, they block the ports and addresses that the IM protocols use to communicate.

It’s not unusual in places with semi-decent admins to set the firewall to block everything by default, force a web proxy, and only allow proxied, filtered mail traffic from the mail server’s IP address. Given that they’re filtering your web content, I’d say a web proxy is no doubt in place and port 80 traffic is caught, filtered and redirected if allowed. Unless some other port is open, which would be odd considering it doesn’t take much know how to lock it all down I’d say you’re likely SOL.

Well, there’s always something like this: http://www.http-tunnel.com/html/

You could setup your own version as well.

Do they block the ports for Remote Desktop?

Set up Remote Desktop on your home PC and run Trillian there. Then just TS into the home PC and run it in a window to do some chattin’.

Or get a Samsung i730 and chat via EVDO.

I use remote desktop with encryption turned on. Run your sensitive junk at home, access it through remote desktop. I’m also running it on a nonstandard port.

Encryption and port are both server-side registry settings in XP Pro RD.

But, as he mentioned above, they’re also blocking the sites from which you download the clients, thereby restricting him from trying anything out at all. With Trillian, at least, he’ll be able to try 4 different networks, Jabber, and IRC to get his chat fix.

What part of Black Mesa do you work in, Professor Lackey?

I could tell you but then I’d have to kill you.