Block all download software

nkutty · 10-06-2008, 11:22 PM

Hi..

i am using REHEL4 with squid proxy for internet sharing

and also potables firewall i wan to block all the downloading software

like flash get, web zip, get right, web ripper using this all are missing

using the internet how to Block downloading through software

please help ME dears

With regards
Kutty N

htnakirs · 10-07-2008, 05:20 AM

It will be hard to find and block all downloading apps. If your concern is high data transfer, it is much easier to setup quotas for each user. I think. This will automatically prevent large downloads from being saved.

nkutty · 10-07-2008, 10:58 PM

Other way is how to fine port for these downloadmnagers

win32sux · 10-07-2008, 11:06 PM

Maybe you could use the browser ACL to allow access only for your browser's User-Agent string(s).

That is, assuming the download managers don't do any User-Agent spoofing.

nkutty · 10-07-2008, 11:17 PM

hi..

if we are able to find listen port number for these flash get, web zip, web ripper, free download manger we can drop these port through iptables

can say the port numbers or tell me how find the ports

billymayday · 10-07-2008, 11:19 PM

Set up wireshark on the server and fire the products up and see what ports they use.

nkutty · 10-07-2008, 11:24 PM

i am not clear what Your saying.. this there any way through Net to fine

billymayday · 10-07-2008, 11:39 PM

Wireshark lets you look at packets that pass through an ethernet port. You can see what the source and destination ports are, protocol, IPs etc. Set it up (it should be in one of the RH repos) and start the various applications you are concerned about on a computer attached to the server. You'll soon see ewhat ports the applications are requesting.

I fact, you could just install wireshark on a client and watch there. There are Windows and Linux versions.

win32sux · 10-08-2008, 04:15 PM

The destination ports would be useless, as they will be the same ports anything else uses. You won't be able to differentiate between program Foo and program Bar by using destination ports. You could use source ports, but who's to say the programs limit themselves to a specific range which doesn't overlap with what your browser (for example) uses? This kind of stuff is simply not something iptables is a good choice for half the time.