Thanks Wil McGilvery Manager, Digital Media
416-744-7191 416-716-3964 (cell) 1-888-622-3729 416-744-0406� FAX www.LynchDigital.com -----Original Message----- From: Federico Voges [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 13, 2003 5:05 PM To: [EMAIL PROTECTED] Subject: RE: Internet Content Filtering Suggestions WARNING: Unsanitized content follows. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, You can do that on linux too, but only with local apps (note: the same limitation applies to windows). Once on the "wire", there's no way to know which application generated the packet*. * Well, that's not entirely correct, you can infer the originating app from the packet headers/contents but that is very CPU intensive. Bye! On Thu, 13 Feb 2003 15:29:09 -0500, Wil McGilvery wrote: >That is what I have done as well. I have blocked the domain of the servers used for >these programs. I was wondering if there was a way to block by application. My only >experience with this was in the Windoze world where I could say allow Netscape or >Internet Exploder on port 80 but not msn messenger. > >Regards, > >Wil McGilvery >Manager, Digital Media > > > >416-744-7191 >416-716-3964 (cell) >1-888-622-3729 >416-744-0406 FAX >www.LynchDigital.com > > >-----Original Message----- >From: Federico Voges [mailto:[EMAIL PROTECTED]] >Sent: Thursday, February 13, 2003 3:22 PM >To: [EMAIL PROTECTED] >Subject: RE: Internet Content Filtering Suggestions > >WARNING: Unsanitized content follows. >Hi, > >The idea is to block the login servers. I have this from the LARTC >list: > >-------- START SNIP -------- >This one Blocks AOL IM and ICQ > >iptables -A FORWARD --dport 5190 -j REJECT >iptables -A FORWARD -d login.oscar.aol.com -j REJECT > > >-------------------------- >This one Blocks MSN Messenger > >iptables -A FORWARD -p TCP --dport 1863 -j REJECT >iptables -A FORWARD -d 64.4.13.0/24 -j REJECT > >-------- END SNIP -------- > >Note that the auto config of ICQ (Main -> Preferences -> Connections -> >Server -> Auto Configure) sometimes uses other port numbers besides the >default (5190). Don't know if those rules efectivelly disables the auto >config feature or not. > >Bye! > >On Thu, 13 Feb 2003 15:10:29 -0500, Wil McGilvery wrote: > >>You could try Dans Gaurdian. >> >>It works with squid and will allow you to controls the sites they go to. >> >>http://dansguardian.org/ >> >>You can also limit what files they download by extension if you wish. >> >>To block access after 6:00 pm you use a cron job to shut down squid/dansguardian. >> >>As Fredrico said, iptables can be use to block the ports that these messengers use, >but they can still use port 80. >> >>I don't know how to block by application so I just blocked the domains that these >servers are on. For example I have blocked hotmail and msn messenger, but not msn.com >> >>(If anyone reading this knows how to block port 80 for msn messenger and not your >browser, I would love to know how). >> >>HTH >> >> >>Wil McGilvery >>Manager, Digital Media >> >> >> >>416-744-7191 >>416-716-3964 (cell) >>1-888-622-3729 >>416-744-0406 FAX >>www.LynchDigital.com >> >> >>-----Original Message----- >>From: Federico Voges [mailto:[EMAIL PROTECTED]] >>Sent: Thursday, February 13, 2003 1:41 PM >>To: [EMAIL PROTECTED] >>Subject: Re: Internet Content Filtering Suggestions >> >>WARNING: Unsanitized content follows. >>On Thu, 13 Feb 2003 11:03:43 -0600, Ben Duncan wrote: >> >>>Have a client that has about 25 WinSLug Computers. We need to >>>implement some sort >>>content / virus filtering, as the employees are starting to abuse the >>>internet connection. >>> >>>We need to allow them to access certain web sites, restrict others, >>>BLOCK ICQ/AIM, and >>>do a "time" (Absolutely NO access to the internet after 6PM). >>> >>>Now SonicWall seems to be the leading contender here for an appliance >>>solution, BUT, they >>>want a "subscription" on all of there devices. >>> >>>Any Suggestion here? NutZwerk Appliance? Cheap PC with linux and some >>>sort of easy to use >>>admin software? >>> >>Te most flexible solution is the last: PC + Linux. >> >>You can use Squid + some extra soft to limit web usage and >>netfilter/iptables to block IMs. >> >>In fact, if you just need ftp/web access you can turn of forwarding at >>the gateway and force everyone to go out through Squid (and maybe, a >>socks server). >> >>One caveat: you'll need at least some scripting skills to go this way. >> >>Another option is to use one of the comercial "out of the box" >>solutions. One that looks ok is Astaro Security Linux (www.astaro.com). >>It's comercial but you can download the full product iso image to >>testing (if you like it, all you need to do is enter de reg key in the >>control panel). >> >>I haven't used it, but appears to be one of the mos t complete and >>flexible arround. >> >>You can also go the LRP style and use one of the many LRP >>clones/derivatives. A good start point is http://leaf.sf.net >> >>Just my $0.02 :) >>Federico Voges >>Socio gerente >> >>Intrasoft >>Malabia 2137 14 A >>(1425) Buenos Aires >>Argentina >> >>Te/Fax: 54-11-4833-5182 >>e-mail: [EMAIL PROTECTED] >>Web: http://www.intrasoft.com.ar >> >> >> >>_______________________________________________ >>Linux-users mailing list >>[EMAIL PROTECTED] >>Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users >> >>_______________________________________________ >>Linux-users mailing list >>[EMAIL PROTECTED] >>Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users > >Federico Voges >Socio gerente > >Intrasoft >Malabia 2137 14 A >(1425) Buenos Aires >Argentina > >Te/Fax: 54-11-4833-5182 >e-mail: [EMAIL PROTECTED] >Web: http://www.intrasoft.com.ar > > > >_______________________________________________ >Linux-users mailing list >[EMAIL PROTECTED] >Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users > >_______________________________________________ >Linux-users mailing list >[EMAIL PROTECTED] >Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users Federico Voges Socio gerente Intrasoft Malabia 2137 14 A (1425) Buenos Aires Argentina Te/Fax: 54-11-4833-5182 e-mail: [EMAIL PROTECTED] Web: http://www.intrasoft.com.ar -----BEGIN PGP SIGNATURE----- Version: PGP SDK 3.0 iQA/AwUBPkwWfxRcJRaVKt4XEQJ7rQCeNEG9DI7nHuTpkbzNnX101YXjeVEAnAwl PyWPip0PTxj03co0U+DP/m7J =yL8A -----END PGP SIGNATURE----- _______________________________________________ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users _______________________________________________ Linux-users mailing list [EMAIL PROTECTED] Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users
