http://dansguardian.org/
On 3/13/07, Ahmad alsane <[EMAIL PROTECTED]> wrote: > ohh thats true, they still can set the proxy on the explorer to IPS proxy on > port 8080, but i configure the linux box as the default gate way for them > all and i blocked the ISP proxy IP. no body can get to the internet without > passing my proxy through port 3128 (squid default). am just wondering, in > which order the iptables rule will be matched? > about L-7, i cant handle this kind of software, it seems advanced to me, i > will study it 1st. > > my next challenge: blocking download ( .exe, .zip, .rar, audio files, vedio > files ). any hints? > > > On 3/12/07, Zaid Amireh <[EMAIL PROTECTED]> wrote: > > > > > > I have said it before, L-7 filtering, that would give them one hell of > > a time, hehe > > > > Zaid > > > > > > On 3/12/07, Ala'a Ibrahim <[EMAIL PROTECTED]> wrote: > > > Well, I don't think that there is a possible way to block a service and > keep > > > others. > > > well for a user the possible way is to connect vnc to another machine > > > outside the network and use it, or tunnel whatever service on whatever > port. > > > so I guess what ahmad have done is enough. > > > > > > > > > On 3/12/07, Zaid Amireh <[EMAIL PROTECTED]> wrote: > > > > > > > > > > > > they can still tunnel MSN over 80. > > > > > > > > Zaid > > > > > > > > On 3/12/07, Ahmad alsane <[EMAIL PROTECTED]> wrote: > > > > > ok issue solved (side effect had bean treated) with this iptables > entry > > > > > > > > > > #iptables -N LAN > > > > > #iptables -A INPUT -j LAN > > > > > #iptables -A OUTPUT -j LAN > > > > > #iptables -A FORWARD -j LAN > > > > > #iptables -A RH-Firewall-1-INPUT -j LAN (for redhat only) > > > > > #iptables -A LAN -d login.live.com -p tcp --dport 1863 -j DROP > > > > > > > > > > any comments ? > > > > > On 3/12/07, Ammar Ibrahim < [EMAIL PROTECTED]> wrote: > > > > > > > > > > > > > > > > > > > > > > > > On 3/12/07, Ahmad alsane <[EMAIL PROTECTED] > wrote: > > > > > > > issue completly solved. here is the scenario: > > > > > > > 1. we connect to the internet through ISP proxy and thats why i > > > couldnt > > > > > block any thing when i start - sloved by running squid. > > > > > > > 2. googling for MSN messenger port result on tcp:1863 but that > was > > > 3ala > > > > > elfade bala mo2a`7theh - have no idea why. - solved by blocking > > > > > login.live.com but there is a side effect, hotmail blocked too. > > > > > > > > > > > > > > > > > > That's a bonus, not a side effect ;) > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > REGARDS. > > > > > Ahmad S. Alsane > > > > > OAK CPA > > > > > KSA - Jeddah > > > > > +966 55 701 3494 > > > > > > > > > > > > > > > > > > > > > > > -- > > > > --------------------------- > > > > Netiquette -> http://www.dtcc.edu/cs/rfc1855.html > > > > Netiquette Nazi -> > > > > > > > > http://redwing.hutman.net/%7Emreed/warriorshtm/netiquettenazi.htm > > > > --------------------------- > > > > > > > > > > > > http://guru.alaa-ibrahim.com/ > > > > > > > > > > > > > > > > > > > -- > > --------------------------- > > Netiquette -> http://www.dtcc.edu/cs/rfc1855.html > > Netiquette Nazi -> > > > http://redwing.hutman.net/%7Emreed/warriorshtm/netiquettenazi.htm > > --------------------------- > > > > > > Ahmad S. Alsane > > OAK CPA > > KSA - Jeddah > > +966 55 701 3494 > > > > > > > -- --------------------------- Netiquette -> http://www.dtcc.edu/cs/rfc1855.html Netiquette Nazi -> http://redwing.hutman.net/%7Emreed/warriorshtm/netiquettenazi.htm --------------------------- --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Jolug" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Jolug?hl=en-GB -~----------~----~----~----~------~----~------~--~---
