LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 10-12-2006, 07:52 AM   #1
omprakash.nigam
LQ Newbie
 
Registered: Oct 2006
Posts: 1

Rep: Reputation: 0

Hi,

May I know how to total block all the IM using Iptables and squid because my company new policy want me to block all the IM.
For time being i just able to block yahoo and ICQ using iptables and msn using squid. but I unable to block skype and google talk.
I want iptables rule to block all these Googletalk,Skype and etc..
hope some one can help me to solve it or point me the useful link.

thanks.

I want block Googletalk and Skype and other IM on my linux machine by ipables rule...
can anybody help for same....
i want iptables rule for same.....

//moderator.note: posts pruned, merged and added to new thread. Please do not revive stale threads but make your own. Please read the LQ Rules. Please search the forums for your topic as it has been asked many times before.

Last edited by unSpawn; 10-12-2006 at 08:34 AM. Reason: //Undo stale-thread-add, reset zero-reply, add mod note
 
Old 10-12-2006, 09:00 AM   #2
~=gr3p=~
Member
 
Registered: Feb 2005
Location: ~h3av3n~
Distribution: RHEL 4, Fedora Core 3,6,7 Centos 5, Ubuntu 7.04
Posts: 227

Rep: Reputation: 30
i haven't checked with skype yet but googletalk, yahoo, msn u can block using dansguardian with squid watching:

tail -f /var/log/squid/access

or check with

http://www.safesquid.com/
 
Old 10-18-2006, 01:03 AM   #3
pavangogineni
LQ Newbie
 
Registered: Aug 2006
Posts: 17

Rep: Reputation: 0
Unhappy want to block yahoo and msn

Quote:
Originally Posted by omprakash.nigam
Hi,

May I know how to total block all the IM using Iptables and squid because my company new policy want me to block all the IM.
For time being i just able to block yahoo and ICQ using iptables and msn using squid. but I unable to block skype and google talk.
I want iptables rule to block all these Googletalk,Skype and etc..
hope some one can help me to solve it or point me the useful link.

thanks.

I want block Googletalk and Skype and other IM on my linux machine by ipables rule...
can anybody help for same....
i want iptables rule for same.....

//moderator.note: posts pruned, merged and added to new thread. Please do not revive stale threads but make your own. Please read the LQ Rules. Please search the forums for your topic as it has been asked many times before.

Hi,

I want to know how you blocked yahoo and msn using iptables and squid . I am also trying for it since a long time.
Please help me.
Thanks.
 
Old 10-18-2006, 08:31 AM   #4
~=gr3p=~
Member
 
Registered: Feb 2005
Location: ~h3av3n~
Distribution: RHEL 4, Fedora Core 3,6,7 Centos 5, Ubuntu 7.04
Posts: 227

Rep: Reputation: 30
forget googletalk,msn,yahoo... that is not hard.. skype is interesting... after trying alot i took help of google and was able to block skype with squid

so bottomline: google is my friend
 
Old 10-18-2006, 09:22 AM   #5
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Quote:
Originally Posted by pavangogineni
I want to know how you blocked yahoo and msn using iptables and squid . I am also trying for it since a long time.
I am blocking yahoo with this squid code /
Code:
acl Yahoo-Mess dst 24.71.200.68/32 204.71.202.73/32 204.71.200.0/24 204.71.177.35/32 204.71.202.59/32 204.71.202.58/32 216.115.105.214/32 204.71.201.47/32 204.71.201.48/32 216.115.105.215/32 216.136.172.221/32
http_access deny Yahoo-Mess
acl Yahoo-Messs dstdomain .msg.yahoo.com
acl Yahoo-Messs dstdomain pager.yahoo.com
acl Yahoo-Messs dstdomain update.messenger.yahoo.com
acl Yahoo-Messs dstdomain update.pager.yahoo.com
http_access deny Yahoo-Messs
 
Old 10-19-2006, 12:34 AM   #6
pavangogineni
LQ Newbie
 
Registered: Aug 2006
Posts: 17

Rep: Reputation: 0
Quote:
Originally Posted by amitsharma_26
I am blocking yahoo with this squid code /
Code:
acl Yahoo-Mess dst 24.71.200.68/32 204.71.202.73/32 204.71.200.0/24 204.71.177.35/32 204.71.202.59/32 204.71.202.58/32 216.115.105.214/32 204.71.201.47/32 204.71.201.48/32 216.115.105.215/32 216.136.172.221/32
http_access deny Yahoo-Mess
acl Yahoo-Messs dstdomain .msg.yahoo.com
acl Yahoo-Messs dstdomain pager.yahoo.com
acl Yahoo-Messs dstdomain update.messenger.yahoo.com
acl Yahoo-Messs dstdomain update.pager.yahoo.com
http_access deny Yahoo-Messs
It's not working man.
 
Old 11-23-2006, 03:30 AM   #7
soumalya
Member
 
Registered: Nov 2006
Posts: 260

Rep: Reputation: 31
how to block skype as well as trillion messenger from squid

skypethanks for ur knowledge sharing , but can u plzzzzz tell me how to block skype as well as trillion messenger from squid
 
Old 11-24-2006, 11:14 AM   #8
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
For blocking rediff bol messenger via squid,

Code:
acl rediff-block url_regex gatekeeper.rediff
http_access deny rediff-block

Last edited by amitsharma_26; 12-08-2006 at 01:33 PM.
 
Old 11-26-2006, 09:22 PM   #9
soumalya
Member
 
Registered: Nov 2006
Posts: 260

Rep: Reputation: 31
block trillion messenger

thank for sharing ur knowledge. can u plz tell me to block trillion messenger from squid???????????
 
Old 11-27-2006, 05:43 AM   #10
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Quote:
Originally Posted by soumalya
thank for sharing ur knowledge. can u plz tell me to block trillion messenger from squid???????????
I havent used trillion messenger yet, give me some time, probably i'll download it tonight & test the way it communicates & then post you the way to block it.
 
Old 11-28-2006, 01:30 AM   #11
soumalya
Member
 
Registered: Nov 2006
Posts: 260

Rep: Reputation: 31
block trillion messenger

thanks for ur mail again. dont worry take ur time. with this software(trillion)u can us as yahoo, msn and other messenger.



thanks
 
Old 12-08-2006, 01:15 PM   #12
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Quote:
Originally Posted by pavangogineni
It's not working man.
Then you can use this..(squid code for blocking yahoo messenger)
Code:
acl yahoo url_regex shttp.msg.yahoo.com
http_access deny yahoo
EDIT : But for that to work, you got to make sure that your squid should be the one who's doing the name resolutions.

Last edited by amitsharma_26; 12-08-2006 at 01:34 PM.
 
Old 12-08-2006, 01:32 PM   #13
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Quote:
Originally Posted by soumalya
thanks for ur mail again. dont worry take ur time. with this software(trillion)u can us as yahoo, msn and other messenger.

thanks
Soumalya, what is your network topology ?
How does your client connect to internet, today itself i tried & installed trillion, but for providing you a solution with, i got to know about how does your network looks like.

As earlier said, if you are sitting behind a squid-proxy & squid is the one who's doing the name resolutions, then you can use the method i have described in the last post.
 
Old 12-09-2006, 12:48 AM   #14
soumalya
Member
 
Registered: Nov 2006
Posts: 260

Rep: Reputation: 31
thank for ur suggestion.

i just want to know can i block trillion messegnger by using thi

acl yahoo url_regex shttp.msg.yahoo.com
http_access deny yahoo


thanks.
 
Old 12-10-2006, 08:00 AM   #15
live_dont_exist
Member
 
Registered: Aug 2004
Location: India
Distribution: Redhat 9.0,FC3,FC5,FC10
Posts: 257

Rep: Reputation: 30
Basically what is Trillian?? Its just another messenger client which has integrated support of Yahoo/MSN in it. So if you've blocked all traffic going to yahoo/MSN anyway.. Trillian is going to try to connect using Yahoo/MSN protocols which you've blocked and hence will not be able to connect.

Theres no way you can block "Trillian" itself unless you have a firewall on each machine which has program level control like ZOne Alarm or something. If you manage to block the ports on which MSN/Yahoo?Gaim?Gtalk/Trillian/whatever communicate on with these servers on your firewall you should be fine. Blocking 100 instant messengers makes no sense according to me coz there will always be a new one to try.

Do Post back if this doesnt make sense.

Cheers
Arvind
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
how to block all the IM -- skype, googletalk, msn, yahoo, ICQ cksoo Linux - Security 20 10-09-2007 07:08 AM
Jabber/GoogleTALK/iCHAT users... post your account address here bento General 1 03-03-2006 01:37 PM
GoogleTalk srivastava Linux - Software 3 10-23-2005 04:17 AM
IPTables and PPTPD :S (to block or not to block) thewonka Linux - Networking 0 03-24-2005 06:58 PM
How to block? Obie Linux - Security 6 05-15-2004 12:27 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 05:20 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration