Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Ive got Squid, Dansguardian and Iptables installed. And I know on what ports msn messenger operates "blocking those ports does not work anymore" . I want a solution to totally block the usage of msn messenger on my network. Ive read alot of posts here and elsewhere, the solutions either dont work partially or at all.
Any help would be highly appreciated !!
Note: This might sound silly, but if you redirect all traffic comming to port 1863 to a running daemon on ur linux box "ex: 25" it stops msn messenger from working. But I have different subnets and not all have access to the same ports and this method does not work for me.
You will need to do some listening to an MSN connection as it sets up.
Blocking the high ports will force it to use http methods.
Watch the dansguardian logs for the first signs of msn urls, then add them to the url blocklist.
As an added precaution, run a small dns proxy, eg dnsmasq, and add the msn domains to /etc/hosts but with a 127.0.0.1 ip address.
If users can't get dns working, they can't establish calls.
I've never tried to block MSN Messenger but I do know a good way to block AOL is to add a dns entry to your internal servers where login.oscar.aol.com (or something like that0 is 127.0.0.1.
I don't use MSN but maybe you could open up a client and see what it actually connects to in the configuration (if it tells) and block that. Alternatley I've seen where you can just straight out block the IP's that it uses. Users may complain they can't get to hotmail though.....
If you do make the DNS change and it works, your end users might be able to just take out the domain name in the config and replace it with an IP if they are smart enough.
OT: Are you in Lebanon right now? Are you in the northern part or southern part?
Hmm...so what you mean is that if I add the msn urls to url blocklist...msn will not switch to using the http method...? What if they initiate a troubleshoot session and press repair ?
Iam living in beirut city..near AUB the American University of Beirut ...which is a relatively safe place..but my house was destroyed.... Ive been sleeping at my office for the last 20 days..but if you want me to check out somebody for you Iam willing to do so.
-= Mod Note: You can continue this conversation via email pls =-
Last edited by peter_robb; 08-03-2006 at 12:58 PM.