I think - a good thing to solve the problem - try to use "tcpdump" with "grep" to catch the packets from ms-messenger and you will see what ports were used. Then block those ports on your firewall. Another way is to masquarade in the forward chain only allowed services, others by default - j DENY. > Hi friends, > > I am having problem for blocking ms-messenger. > > My firewall this based in packets filter and the policy > input/output/forward is ACCEPT. > > Already the following politics in firewall is implemented in the top > rules: > > ipchains -A input -p tcp -d any/0 --destination-port 1863 -j DENY > ipchains -A input -p tcp -d any/0 --destination-port 1864 -j DENY > ipchains -A forward -p tcp -d any/0 --destination-port 1863 -j DENY > ipchains -A forward -p tcp -d any/0 --destination-port 1864 -j DENY > ipchains -A output -p tcp -d any/0 --destination-port 1863 -j DENY > ipchains -A output -p tcp -d any/0 --destination-port 1864 -j DENY > > ipchains -A input -p udp -d any/0 --destination-port 1863 -j DENY > ipchains -A input -p udp -d any/0 --destination-port 1864 -j DENY > ipchains -A forward -p udp -d any/0 --destination-port 1863 -j DENY > ipchains -A forward -p udp -d any/0 --destination-port 1864 -j DENY > ipchains -A output -p udp -d any/0 --destination-port 1863 -j DENY > ipchains -A output -p udp -d any/0 --destination-port 1864 -j DENY > > However, these politics are not having validity, therefore my users are > obtaining to use this program. > > Somebody as some tip of as to block this software? > > Thanks a lot! > > Best regards. > > P.S.: Plese, it forgives for the horrible english. :-) > > -- > =================================== > Sergio A. Lima Junior > Analista de Suporte > =================================== > Servico de Atendimento ao Cliente > Depto. de Suporte > Gruponet Tecnologia > sergio@xxxxxxxxxxxxxxx > http://www.gruponet.com.br > =================================== > > ------------------------------------------------------------------------ > To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx > with "unsubscribe" in the subject of the message. > ------------------------------------------------------------------------ To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message.
