LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 07-14-2003, 01:15 AM   #1
slack66
Member
 
Registered: Jul 2003
Location: manila
Distribution: slackware 8 to 9
Posts: 199

Rep: Reputation: 30
yahoo messenger imesh block


hi in our company we have at list 20 computer connect to the internet,at first our access run smooth and fast enought to surf the web but suddenly it become so slow i discover that some of my user are using imesh and yahoo messenger and even getright to download mp3 and mpeg movie... the question is how do i block does program??? pls help me my boss is getting angry of slow connections thks in advance

Last edited by slack66; 07-14-2003 at 01:17 AM.
 
Old 07-14-2003, 01:28 AM   #2
DavidPhillips
LQ Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,163

Rep: Reputation: 58
downloading is probably the main culprit

you can block any undesired web traffic you want with a proxy server.

I used dansguardian a long time ago. There's also squidguard and many others.

What you want to do is setup the iptables rules to redirect all web traffic through the proxy server

# Transparent proxy
$IPTABLES -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
$IPTABLES -A PREROUTING -t nat -i eth2 -p tcp --dport 80 -j REDIRECT --to-port 3128
$IPTABLES -A PREROUTING -t nat -i ppp0 -p tcp --dport 80 -j REDIRECT --to-port 3128

monitor traffic with iptraf you can see what other ports are getting a lot of traffic, you can shut them down with iptables rules


$IPTABLES -A tcp_packets -p TCP -s 0/0 --dport 32768 -j DROP
 
Old 07-14-2003, 02:00 AM   #3
slack66
Member
 
Registered: Jul 2003
Location: manila
Distribution: slackware 8 to 9
Posts: 199

Original Poster
Rep: Reputation: 30
what is --dport 32768??? is this the port that imesh or yahoo messenger are using??? an followup iam just using 2 lan card in my gateway server eth0 for my public 203.23.x.x and eth1 for my internal network private 192.168.0.1 iam connected via wireless internet.... which will i use the 1st ,2nd or both??
 
Old 07-14-2003, 04:10 AM   #4
DavidPhillips
LQ Guru
 
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,163

Rep: Reputation: 58
that port is just an example

just open the port you want them to use like port 80 and close all others

create new tables..
$IPTABLES -N udp_in
$IPTABLES -N tcp_in

redirect the tcp and udp traffic on the interface to the new tables..
$IPTABLES -A INPUT -p TCP -i eth1 -j tcp_in
$IPTABLES -A INPUT -p UDP -i eth1 -j udp_in

example open tcp ports..
$IPTABLES -A tcp_in -p TCP -s 0/0 --dport 25 -j ACCEPT
$IPTABLES -A tcp_in -p TCP -s 0/0 --dport 80 -j ACCEPT

close all others..
$IPTABLES -A tcp_in -p TCP -j DROP

example open udp port..
$IPTABLES -A udp_in -p UDP -s 0/0 --source-port 53 -j ACCEPT

close all others..
$IPTABLES -A udp_in -p UDP -j DROP


then get ready for some angry people

it's probably better to leave it open then close offending ports as needed like I have shown above

Last edited by DavidPhillips; 07-14-2003 at 04:12 AM.
 
Old 11-18-2003, 12:08 PM   #5
moto
LQ Newbie
 
Registered: Nov 2003
Location: mumbai
Distribution: redhat linux 9
Posts: 2

Rep: Reputation: 0
Try this

iptables -A FORWARD --p TCP --dport 5000:5100 -j REJECT
iptables -A FORWARD -d cs.yahoo.com -j REJECT
iptables -A FORWARD -d scsa.yahoo.com -j REJECT
iptables -A FORWARD -d scsa.msg.yahoo.com -j REJECT

OR/ AND if still not blocked

FW_MASQ_NETS="192.168.1.0/24,0/0,TCP,5000:5100"
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How can i use MSN Messenger or Yahoo Messenger in slack ware ruzvay Linux - Software 8 02-16-2006 01:42 PM
Block yahoo messenger space_beyond Linux - Security 5 05-23-2005 09:53 PM
Block Yahoo messenger Rajesh_Amma Linux - Networking 1 02-21-2005 04:02 AM
block yahoo messenger by ip address gsr_kashyap Linux - Software 3 11-10-2004 01:13 AM
Instant messenger Chat Kopete mandrake linux yahoo and MSN messenger saurya_s Linux - Software 1 11-22-2003 02:05 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:30 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration