Hi all,
I was going through the mailing archive of some site and found the queries regarding blocking yahoo and msn messenger using iptable. There is a small script which I have written to block the yahoo,msn and rediff messenger using iptable. I thought to share it with you all as it might help some one on the list to block them.
u can download the script from http://www.linzsystem.com/iptmess.tgz
Took around a week to compile this huge list of servers and it definitely works
Mohan
Blocking the Messenger ports is more effective, easy & less work for firewall(iptables). lilo
--- Mohan Cheema mohancheema@softhome.net wrote: > Hi all,
I was going through the mailing archive of some site and found the queries regarding blocking yahoo and msn messenger using iptable. There is a small script which I have written to block the yahoo,msn and rediff messenger using iptable. I thought to share it with you all as it might help some one on the list to block them.
u can download the script from http://www.linzsystem.com/iptmess.tgz
Took around a week to compile this huge list of servers and it definitely works
Mohan
-- "...very few phenomena can pull someone out of Deep Hack Mode, with two noted exceptions: being struck by lightning, or worse, your *computer* being struck by lightning." (By Matt Welsh)
-- _______________________________________________
________________________________________________________________________ Missed your favourite TV serial last night? Try the new, Yahoo! TV. visit http://in.tv.yahoo.com
liloindia wrote:
Blocking the Messenger ports is more effective, easy & less work for firewall(iptables). lilo
Can you give me list of the ports to be blocked for YM,MSN,BOL! have you tried that out if yes and succeeded than please tell me how? :-/ as far as i know such a solution doesn't work :(
Mohan
Mohan, AFAIK, you can deny outgoing connection by its TCP/UDP port number.
Here is how you specify the simple firewall rule
----------------------------------------- Rule SrcIP Srcport DstIP DstPort Action -----------------------------------------
Blocking MSN by blocking port 1863 for outgoing connections iptables -A FORWARD -p TCP --dport 1863 -j REJECT
Blocking MSN by IPaddress pool for outgoing connections
iptables -A FORWARD -d 64.4.13.0/24 -j REJECT
I hope you get the idea.....
See this list of Famous Application which you would consider to block
http://www.practicallynetworked.com/sharing/app_port_list.htm
peace lilo
--- Mohan Cheema mohancheema@softhome.net wrote: > liloindia wrote:
Blocking the Messenger ports is more effective,
easy &
less work for firewall(iptables). lilo
Can you give me list of the ports to be blocked for YM,MSN,BOL! have you tried that out if yes and succeeded than please tell me how? :-/ as far as i know such a solution doesn't work :(
________________________________________________________________________ Missed your favourite TV serial last night? Try the new, Yahoo! TV. visit http://in.tv.yahoo.com
oh yes why not. but in this case we can specify destination network address. regards lilo
yahoo messenger connects on ports 5050, 23, 25, and 80. Are you going to block all of those?
________________________________________________________________________ Missed your favourite TV serial last night? Try the new, Yahoo! TV. visit http://in.tv.yahoo.com
On Tue, 21 Jan 2003, liloindia wrote:
but in this case we can specify destination network address.
don't top post.
yahoo has networks all around the world - with different subnets. are you going to add all of them? how do you find out all their addresses?
Philip
-
liloindia -
Mohan Cheema -
Philip S Tellis