Re: Rules to blocking MS-Messenger

From: Andreu Sanchez (tanis_at_lleida.com)
Date: 06/03/03

  • Next message: jeen: "Re: Rules to blocking MS-Messenger"
    To: security-discuss@linuxsecurity.com
    Date: 03 Jun 2003 09:10:18 +0200
    
    

    The easier way is to fall in a paranoic firewall, all rejected unless
    you want "x" port, so you don't have to bother for new software p2p,
    messaging services, etc.

    Regards,

    On Tue, 2003-06-03 at 00:12, Sergio A Lima Jr wrote:
    > Hi friends,
    >
    > I am having problem for blocking ms-messenger.
    >
    > My firewall this based in packets filter and the policy
    > input/output/forward is ACCEPT.
    >
    > Already the following politics in firewall is implemented in the top
    > rules:
    >
    > ipchains -A input -p tcp -d any/0 --destination-port 1863 -j DENY
    > ipchains -A input -p tcp -d any/0 --destination-port 1864 -j DENY
    > ipchains -A forward -p tcp -d any/0 --destination-port 1863 -j DENY
    > ipchains -A forward -p tcp -d any/0 --destination-port 1864 -j DENY
    > ipchains -A output -p tcp -d any/0 --destination-port 1863 -j DENY
    > ipchains -A output -p tcp -d any/0 --destination-port 1864 -j DENY
    >
    > ipchains -A input -p udp -d any/0 --destination-port 1863 -j DENY
    > ipchains -A input -p udp -d any/0 --destination-port 1864 -j DENY
    > ipchains -A forward -p udp -d any/0 --destination-port 1863 -j DENY
    > ipchains -A forward -p udp -d any/0 --destination-port 1864 -j DENY
    > ipchains -A output -p udp -d any/0 --destination-port 1863 -j DENY
    > ipchains -A output -p udp -d any/0 --destination-port 1864 -j DENY
    >
    > However, these politics are not having validity, therefore my users are
    > obtaining to use this program.
    >
    > Somebody as some tip of as to block this software?
    >
    > Thanks a lot!
    >
    > Best regards.
    >
    > P.S.: Plese, it forgives for the horrible english. :-)

    -- 
     -------------------------------------------------------------------
    | Andreu Sánchez Costa - Dep. Gestió de Sistemes - sistemes@iws.es  |
    | Tel: +34973234106 - http://www.iws.es/ - Internet Web Serveis     |
    | Fingerprint = 3ADA 69EF 4E84 DEC8 D219  6863 83F0 513E 06AE 46D1  |
    | GnuPG key: 06AE46D1 ( pgp.mit.edu - www.keyserver.net )	    |
     -------------------------------------------------------------------
    ------------------------------------------------------------------------
         To unsubscribe email security-discuss-request@linuxsecurity.com
             with "unsubscribe" in the subject of the message.
    

  • Next message: jeen: "Re: Rules to blocking MS-Messenger"