I am having a brain phart day. The link for the download was given, but you will find information on the procedure at http://www.chrisliveonline.com/security/squid.htm
On Fri, 2004-08-13 at 17:59, Michael Petch wrote: > One other method is to use a proxy server to help filter traffic by URL > and/or IP. This involves running squid on your firewall box and taking > all outbound port 80 traffic from your internal network and sending it > to squid port 3128 (Which then goes to the real world). Squid has the > ability to block by url's and IP addresses. > > If this seems like a way you might want to go then I could recommend > this site with config files, settings and scripts you might find useful: > > http://www.chrisliveonline.com/security/scripts/squid.zip > > > On Fri, 2004-08-13 at 17:19, Shawn Grover wrote: > > did some more research on this... > > > > apparently if port 1863 is blocked, MSN then switches to some random port above > > 1024 using HTTP. Next, I tried to block a specific server (messenger.hotmail.com) > > but that didn't work either - I guess MSN switches to another server is if the > > first can't be found.... > > > > hmmm... gotta wonder why they would make it so tough to "turn off". > > > > Shawn > > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > > Behalf Of Shawn Grover > > Sent: Friday, August 13, 2004 4:29 PM > > To: [EMAIL PROTECTED]; CLUG General > > Subject: RE: [clug-talk] Blocking MSN with IPTables? > > > > > > Thanks Pete. > > > > Unfortunately, that code doesn't seem to be working. I've placed the commands > > right after the enable masquerading commands, but no luck - we can still connect > > and send messages.... > > > > I even looked up what server we were connecting to (messenger.hotmail.com), found > > it's IP (207.46.104.20), and changed the second line. Still no luck. (and there > > are no #'s in the script either...) > > > > Thanks anyways. > > > > Shawn > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > > Behalf Of Pete > > Sent: Friday, August 13, 2004 3:58 PM > > To: CLUG General > > Subject: Re: [clug-talk] Blocking MSN with IPTables? > > To block MSN messenger: > > # iptables -A FORWARD -p TCP --dport 1863 -j DROP > > # iptables -A FORWARD -d 64.4.13.0/24 -j DROP > > > > < Somebody that can confirm those 2 lines? > > > > > They still can use web-enabled chat services... > > And what if a user know how to port-redirect ... ? > > > > My opinion : don't block it, educate/ask users, log, detect misuse, warn, and give > > pink slip so that he/she can use MSN @ home all day... > > > > Peter > > > > > > _______________________________________________ > > clug-talk mailing list > > [EMAIL PROTECTED] > > http://clug.ca/mailman/listinfo/clug-talk_clug.ca > > > > _______________________________________________ > > clug-talk mailing list > > [EMAIL PROTECTED] > > http://clug.ca/mailman/listinfo/clug-talk_clug.ca > > > > _______________________________________________ > > clug-talk mailing list > > [EMAIL PROTECTED] > > http://clug.ca/mailman/listinfo/clug-talk_clug.ca -- Mike Petch CApp::Sysware Consulting Ltd. Suite 1002,1140-15th Ave SW. Calgary, Alberta, Canada. T2R 1K6. (403)804-5700.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ clug-talk mailing list [EMAIL PROTECTED] http://clug.ca/mailman/listinfo/clug-talk_clug.ca
