setelah diintip.
main server teamviewer
1. http://ping3.dyngate.com
2. masterxx.teamviewer.com
dimana xxx = 1 s.d 17
jadi master1.teamviewer.com s.d master17.teamviewer.com
cukup itu aja di block di squid(dstdomain) teamviewer client tidak
menemukan host.
iseng chek port apa yg di pakai
# nmap ping3.dyngate.com
Starting Nmap 4.76 ( http://nmap.org ) at 2010-03-26 23:06 WIT
Warning: Hostname ping3.dyngate.com resolves to 4 IPs. Using 85.25.143.69.
Interesting ports on server340.teamviewer.com (85.25.143.69):
Not shown: 997 filtered ports
PORT STATE SERVICE
80/tcp open http
843/tcp open unknown
3389/tcp open ms-term-serv
Nmap done: 1 IP address (1 host up) scanned in 17.25 seconds
# nmap master1.teamviewer.com
Starting Nmap 4.76 ( http://nmap.org ) at 2010-03-26 23:06 WIT
Interesting ports on master.dyngate.com (87.230.73.23):
Not shown: 998 filtered ports
PORTSTATE SERVICE
80/tcp open http
843/tcp open unknown
ini hasil scan client teamviewer
# nmap 124.217.230.1xx
Starting Nmap 4.76 ( http://nmap.org ) at 2010-03-26 23:12 WIT
Interesting ports on server404.teamviewer.com (124.217.230.174):
Not shown: 997 filtered ports
PORT STATE SERVICE
80/tcp open http
843/tcp open unknown
3389/tcp open ms-term-serv
Nmap done: 1 IP address (1 host up) scanned in 24.82 seconds
biar lebih afdol block port 843 3389
2010/3/26 sonjaya sonj...@gmail.com:
mungkin bisa bermain di level iptables kalau di linux.
Tapi walaupun transparent sebetulnya basic cuman nge forward request
port 80 ke proxy squid dan squid yg ngerequest keluar.
kebetulan di tempat saya ada yg pakai , saya coba restart squid dan
efectnya teamviewer terputus mungkin karena versi gratis tidak bisa
reconnect.
2010/3/25 Arief Yudhawarman arief.mi...@jember.net:
On Thu, Mar 25, 2010 at 09:46:20PM +0700, sonjaya wrote:
nambahini lagi ... yg main di proxy squid
http://forums.bluecoat.com/viewtopic.php?f=1t=5142
seperti pak arief cuman ini yg engga punya mikrotik .
caranya mainkan di acl useragent .
jadi useragent teamviewer yg di block.
moga bantu ...
Di sini pakai proxy squid transparent. Jadi langkah untuk ngeblok
agak ribet sedikit (di mikrotik):
1. Buat mangle untuk menangkap pattern string teamviewer dengan layer7
dan add ke dst address list.
2. Buat policy forward untuk drop koneksi ke dst address list yg telah
dibuat oleh policy nomor 1.
Nah kalau pakai linux saya belum tahu bagaimana caranya buat address list
semudah di mikrotik. Apa perlu patching kernel atau upgrade kernel ?
--
Arief Yudhawarman
http://awarmanf.wordpress.com
--
FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab
Unsubscribe: kirim email ke tanya-jawab-unsubscr...@linux.or.id
Arsip dan info milis selengkapnya di http://linux.or.id/milis
--
sonjaya
http://www.sharenupload.com
--
sonjaya
http://www.sharenupload.com
--
FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab
Unsubscribe: kirim email ke tanya-jawab-unsubscr...@linux.or.id
Arsip dan info milis selengkapnya di http://linux.or.id/milis