Gregory Machin wrote:
Hi, I have a routing/firewall box that provides routing for the LAN, DMZ, some routed VPNs, and the internet. I have been asked to block all traffic going from that LAN, then give limited IPs full access to the internet and others limited access via certain ports for, say, mail and HTTP. This seems to be working fine, except that BitTorrent, MSN and Google Talk seem to be slipping by. By my understanding everything should be locked down, apart from the HTTP/S going via Squid, which I'll tackle next.
That's your problem. MSN, Kazaa, whatever, all tunnel over port 80 if no other means to communicate is found (i.e. direct ports open). You need content inspection to block that.
HTH, M4
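To make the reply's point concrete, here is an added example (not code from either poster) of the minimal "content inspection" a port-only ruleset lacks: it looks at the first bytes each client sends and decides whether what is on port 80 is actually HTTP. The sample flows, hostnames and the allowed-port set are constructed for illustration; the protocol signatures (BitTorrent peer handshake, MSNP command line, XMPP stream open, HTTP CONNECT, TLS record header) are the real on-the-wire forms.

```python
"""
Minimal first-bytes content inspection for an 'only mail and http are open'
policy. Port filtering alone passes anything that uses TCP/80; looking at the
start of each flow separates real HTTP from protocols riding on the HTTP port.
"""
import re

# Port-only policy from the thread: selected hosts may reach mail and http(s).
ALLOWED_PORTS = {25, 80, 443}

# Constructed sample flows (description, destination port, first bytes the
# client sends). Hand-written for illustration, not captures from any LAN.
SAMPLE_FLOWS = [
    ("browser http", 80,
     b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"),
    ("browser https via proxy", 80,
     b"CONNECT www.example.com:443 HTTP/1.1\r\nHost: www.example.com:443\r\n\r\n"),
    ("messenger via proxy CONNECT", 80,
     b"CONNECT messenger.example.net:1863 HTTP/1.0\r\n\r\n"),
    ("bittorrent on 80", 80,
     b"\x13BitTorrent protocol" + b"\x00" * 8 + b"\xaa" * 20 + b"-XX0001-" + b"0" * 12),
    ("msnp on 80", 80, b"VER 1 MSNP8 CVR0\r\n"),
    ("xmpp on 80", 80,
     b"<?xml version='1.0'?><stream:stream to='example.org' xmlns='jabber:client'>"),
    ("smtp", 25, b"EHLO client.example.com\r\n"),
    ("tls direct", 443, b"\x16\x03\x01\x00\xc8\x01\x00\x00\xc4\x03\x03"),
    ("bittorrent on 6881", 6881, b"\x13BitTorrent protocol" + b"\x00" * 8 + b"\xaa" * 40),
]

REQUEST_LINE = re.compile(
    rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS|TRACE|CONNECT) (\S+) HTTP/1\.[01]\r\n")


def classify(payload: bytes) -> str:
    """Label the start of a client payload by protocol, ignoring the port entirely."""
    m = REQUEST_LINE.match(payload)
    if m:
        method, target = m.group(1), m.group(2)
        if method == b"CONNECT":
            # CONNECT host:port asks a proxy to tunnel raw TCP; only 443 is legitimate here.
            port = target.rsplit(b":", 1)[-1]
            return "connect-443" if port == b"443" else "connect-other"
        return "http"
    if payload.startswith(b"\x13BitTorrent protocol"):      # BitTorrent peer handshake
        return "bittorrent"
    if re.match(rb"^[A-Z]{3} \d+ ", payload):               # MSNP command, e.g. "VER 1 MSNP8"
        return "msnp"
    if payload.lstrip().startswith(b"<") and b"<stream:stream" in payload:  # XMPP stream open
        return "xmpp"
    if re.match(rb"^(EHLO|HELO) ", payload):                # SMTP greeting
        return "smtp"
    if payload[:2] == b"\x16\x03":                          # TLS handshake record
        return "tls"
    return "unknown"


def port_policy_allows(dst_port: int) -> bool:
    """The ruleset as posted: decide on destination port alone."""
    return dst_port in ALLOWED_PORTS


def content_policy_allows(dst_port: int, payload: bytes) -> bool:
    """Allow only the protocol each open port was opened for."""
    if dst_port not in ALLOWED_PORTS:
        return False
    expected = {25: {"smtp"}, 80: {"http", "connect-443"}, 443: {"tls"}}
    return classify(payload) in expected[dst_port]


def audit(flows=SAMPLE_FLOWS) -> dict:
    """Map each flow description to (port-only verdict, content-aware verdict)."""
    return {desc: (port_policy_allows(port), content_policy_allows(port, data))
            for desc, port, data in flows}


if __name__ == "__main__":
    for desc, (by_port, by_content) in audit().items():
        print(f"{desc:30} port-only={by_port!s:5} content={by_content}")
```

Running the audit shows every port-80 sample passing the port-only rule while only the real HTTP request and the CONNECT to :443 pass the content check. Two caveats: MSN Messenger also has an HTTP-gateway mode that carries the chat inside ordinary HTTP POSTs, which a first-bytes check labels as plain http, so catching it needs destination-host or URL rules in the proxy (Squid ACLs) rather than protocol sniffing; and BitTorrent clients with protocol encryption enabled do not send the cleartext handshake above, so that signature alone is not enough for them either.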