[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Stop yahoo messenger

To: Jagadish <jag@qsupport.com>
Subject: Re: Stop yahoo messenger
From: Joshua Steele <jsteele@CodefusionIS.com>
Date: Mon, 6 May 2002 13:19:46 -0500 (EST)
Cc: Steve Shockley <steve.shockley@shockley.net>, <tech@openbsd.org>

Does the ruleset below  to block yahoo! and MSN affect any of there web
service's (java chat, games, etc.)  Did you test this?


Joshua Steele
Codefusion Internet Services
http://www.CodefusionIS.com
(301) 777-1142

On Mon, 6 May 2002, Jagadish wrote:

> On Sunday 05 May 2002 08:55 pm, you wrote:
>
> Thanks Steve !! . I was able to stop both yahoo and msn messenger services
> with these rules.
> Yahoo_Messenger_Block="{ 216.136.0.0/16 }"
> MSN_Messenger_Block="{ 64.4.13.0/24 }"
> block out log quick on $ExtInt inet proto tcp from any to  \
> $Yahoo_Messenger_Block port != 80
> block in log quick on $ExtInt inet proto tcp from $Yahoo_Messenger_Block \
>  port != 80 to any
> block out log quick on $ExtInt from any to $MSN_Messenger_Block
> block in log quick on $ExtInt from $MSN_Messenger_Block to any
>
> But packet filter didn't match all the IP address which these hosts resolved
> cs.yahoo.com and scsa.yahoo.com
> when i used.
> block out quick on $ExtInt inet proto tcp from cs.yahoo.com to any  port 5050
> block out quick on $ExtInt inet proto tcp from scsa.yahoo.com to any  port
> 5050
>
> this used to match only the first ip the hosts resolved to.
>
> jagadish
>
> > > Any idea on how to block yahoo messenger using Packet Filter.
> > > I tried blocking cs.yahoo.com scsa.yahoo.com and also port 5050 but
> >
> > couldn't
> >
> > > stop yahoo from getting out of the packet filter.
> >
> > Like most instant messengers today, Yahoo Mesenger will scan other ports if
> > it finds that its default port is blocked.  It also will work through an
> > http proxy.  If you really want to block it, about your only choice is to
> > block all of the Yahoo netblocks by IP address, which of course will also
> > block web access.  The other option of course is to just watch for Yahoo
> > Messenger packets/connections, then walk over and uninstall it for the
> > user. If you want to get complicated, you could even write a script to
> > watch for YM connections, then block that user's Internet access for a half
> > hour.

References:
- Re: Stop yahoo messenger
  - From: Jagadish <jag@qsupport.com>

Prev by Date: Tevion TV Card?
Next by Date: proxyarp weirdness in 3.1
Prev by thread: Re: Stop yahoo messenger
Next by thread: Re: Stop yahoo messenger
Index(es):
- Date
- Thread