You could try blocking outbound port 80 traffic to these servers as well: 207.46.110.48 207.46.110.254 213.199.154.54 216.178.160.34 207.68.178.239 194.130.106.132 195.33.103.52 213.199.154.11 213.249.102.94

On Fri, 2004-08-13 at 17:32, Paul Greidanus wrote:
> You might want to look at working with a default-deny ruleset then..
> allow only a few things, and only where you can't throw it through a
> proxy..
>
> Allow Port 80 to a squid cache, allow 25 to your internal MX cache..
> 53/UDP to internal DNS server.. 110/143/993/995 to the company
> webserver.. But, user education is almost always a better bet.
>
> On Aug 13, 2004, at 5:19 PM, Shawn Grover wrote:
>
> > did some more research on this...
> >
> > apparently if port 1863 is blocked, MSN then switches to some random
> > port above 1024 using HTTP. Next, I tried to block a specific server
> > (messenger.hotmail.com) but that didn't work either - I guess MSN
> > switches to another server if the first can't be found....
> >
> > hmmm... gotta wonder why they would make it so tough to "turn off".
> >
> > Shawn
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> > Behalf Of Shawn Grover
> > Sent: Friday, August 13, 2004 4:29 PM
> > To: [EMAIL PROTECTED]; CLUG General
> > Subject: RE: [clug-talk] Blocking MSN with IPTables?
> >
> >
> > Thanks Pete.
> >
> > Unfortunately, that code doesn't seem to be working. I've placed the
> > commands right after the enable masquerading commands, but no luck -
> > we can still connect and send messages....
> >
> > I even looked up what server we were connecting to
> > (messenger.hotmail.com), found its IP (207.46.104.20), and changed
> > the second line. Still no luck. (and there are no #'s in the script
> > either...)
> >
> > Thanks anyways.
> >
> > Shawn
> >
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> > Behalf Of Pete
> > Sent: Friday, August 13, 2004 3:58 PM
> > To: CLUG General
> > Subject: Re: [clug-talk] Blocking MSN with IPTables?
> >
> > To block MSN messenger:
> > # iptables -A FORWARD -p TCP --dport 1863 -j DROP
> > # iptables -A FORWARD -d 64.4.13.0/24 -j DROP
> >
> > < Somebody that can confirm those 2 lines? >
> >
> > They still can use web-enabled chat services...
> > And what if a user knows how to port-redirect ... ?
> >
> > My opinion : don't block it, educate/ask users, log, detect misuse,
> > warn, and give pink slip so that he/she can use MSN @ home all day...
> >
> > Peter
> >
> >
> > _______________________________________________
> > clug-talk mailing list
> > [EMAIL PROTECTED]
> > http://clug.ca/mailman/listinfo/clug-talk_clug.ca

--
Mike Petch
CApp::Sysware Consulting Ltd.
Suite 1002,1140-15th Ave SW.
Calgary, Alberta, Canada.
T2R 1K6.
(403)804-5700.
_______________________________________________ clug-talk mailing list [EMAIL PROTECTED] http://clug.ca/mailman/listinfo/clug-talk_clug.ca
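
Added example, not code posted by anyone in the thread: one way to write the default-deny FORWARD ruleset Paul describes, using the ports he lists and a rate-limited LOG rule for whatever falls through to the DROP policy. It assumes the squid cache, MX relay and DNS resolver are internal hosts that are the only machines allowed to forward out on their ports, and that the company mail host is outside the LAN; every address and the function name are constructed placeholders. The function only prints the commands so they can be reviewed before being run in a root shell.

```shell
#!/bin/sh
# Default-deny egress on the gateway's FORWARD chain (added example).
# All addresses below are constructed placeholders, not from the thread.
LAN_NET="192.168.1.0/24"
PROXY="192.168.1.10"       # squid cache: only host allowed out on port 80
MX="192.168.1.11"          # internal MX relay: only host allowed out on 25
DNS="192.168.1.12"         # internal resolver: only host allowed out on 53
MAIL_HOST="203.0.113.25"   # company mail host outside the LAN (assumed)

# Print the iptables commands in the order they should be applied.
emit_forward_rules() {
    cat <<EOF
iptables -F FORWARD
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -s $PROXY -p tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -s $MX -p tcp --dport 25 -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -s $DNS -p udp --dport 53 -j ACCEPT
iptables -A FORWARD -s $DNS -p tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -s $LAN_NET -d $MAIL_HOST -p tcp -m multiport --dports 110,143,993,995 -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -s $LAN_NET -m limit --limit 6/min -j LOG --log-prefix "FWD-DENY: "
iptables -P FORWARD DROP
EOF
}

# No rule names port 1863 or any messenger server: anything a client
# sends directly, on any port, reaches the end of the chain, is logged
# with the FWD-DENY prefix and is dropped by the chain policy.
emit_forward_rules
```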

