Well, ok, the best way is to block all MS sites ;-D

On Tue, 2003-06-03 at 14:39, Bruno Gimenes Pereti wrote:
> Hi Sergio,
>
> Paranoid protection is not the solution, MSN Messenger connects to port 80
> when it can't find port 1863. tcpdump is the best way to discover this but I
> think it's easier to use netstat from the client host.
> You will have to block a lot of servers from Microsoft (at least port 80).
> These are my rules from iptables to block one host (10.1.0.10).
>
> -A FORWARD -i eth2 -p tcp -m tcp -s 10.1.0.10 --dport 1863 -j DROP
> -A FORWARD -i eth2 -p tcp -m tcp -s 10.1.0.10 -d 207.46.110.0/24 -j DROP
>
> in ipchains you will get something like this:
>
> -A forward -p tcp -d 0/0 1863 -j DENY
> -A forward -p tcp -d 207.46.110.0/24 80 -j DENY
>
> Some time ago I couldn't open www.microsoft.com.br using these rules because
> those servers used to be the ones that redirect www.microsoft.com.br to
> www.microsoft.com/brasil, but today I didn't get this problem.
>
> Good luck.
> Bruno Pereti.
>
> PS. Your English is not worse than mine. :^)
>
> > > Hi friends,
> > >
> > > I am having problem for blocking ms-messenger.
> > >
> > > My firewall this based in packets filter and the policy
> > > input/output/forward is ACCEPT.
> > >
> > > Already the following politics in firewall is implemented in the top
> > > rules:
> > >
> > > ipchains -A input -p tcp -d any/0 --destination-port 1863 -j DENY
> > > ipchains -A input -p tcp -d any/0 --destination-port 1864 -j DENY
> > > ipchains -A forward -p tcp -d any/0 --destination-port 1863 -j DENY
> > > ipchains -A forward -p tcp -d any/0 --destination-port 1864 -j DENY
> > > ipchains -A output -p tcp -d any/0 --destination-port 1863 -j DENY
> > > ipchains -A output -p tcp -d any/0 --destination-port 1864 -j DENY
> > >
> > > ipchains -A input -p udp -d any/0 --destination-port 1863 -j DENY
> > > ipchains -A input -p udp -d any/0 --destination-port 1864 -j DENY
> > > ipchains -A forward -p udp -d any/0 --destination-port 1863 -j DENY
> > > ipchains -A forward -p udp -d any/0 --destination-port 1864 -j DENY
> > > ipchains -A output -p udp -d any/0 --destination-port 1863 -j DENY
> > > ipchains -A output -p udp -d any/0 --destination-port 1864 -j DENY
> > >
> > > However, these politics are not having validity, therefore my users are
> > > obtaining to use this program.
> > >
> > > Somebody as some tip of as to block this software?
> > >
> > > Thanks a lot!
> > >
> > > Best regards.
> > >
> > > P.S.: Please, it forgives for the horrible English. :-)
> > >
> > > --
> > > ===================================
> > > Sergio A. Lima Junior
> > > Analista de Suporte
> > > ===================================
> > > Servico de Atendimento ao Cliente
> > > Depto. de Suporte
> > > Gruponet Tecnologia
> > > sergio@xxxxxxxxxxxxxxx
> > > http://www.gruponet.com.br
> > > ===================================
>
> ------------------------------------------------------------------------
> To unsubscribe email security-discuss-request@xxxxxxxxxxxxxxxxx
> with "unsubscribe" in the subject of the message.

--
-------------------------------------------------------------------
| Andreu Sánchez Costa - Dep. Gestió de Sistemes - sistemes@xxxxxx |
| Tel: +34973234106 - http://www.iws.es/ - Internet Web Serveis |
| Fingerprint = 3ADA 69EF 4E84 DEC8 D219 6863 83F0 513E 06AE 46D1 |
| GnuPG key: 06AE46D1 ( pgp.mit.edu - www.keyserver.net ) |
-------------------------------------------------------------------
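Added example, not part of the original thread: Bruno's netstat suggestion worked through in Python. It compares two Windows-style `netstat -n` captures from the client (before and after Messenger is started) and builds rules in the same form as his. The captures, the host addresses inside them, and the function names are constructed for illustration; each proposed /24 should be reviewed before loading, since a whole-network DROP can also cut off ordinary web sites, as Bruno noted.

```python
import ipaddress
import re

# Windows-style `netstat -n` row: proto, local ip:port, remote ip:port, state
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\d+\.\d+\.\d+\.\d+):(\d+)\s+(\S+)")

# Constructed sample captures (not real traffic).
BEFORE = """Active Connections
  Proto  Local Address      Foreign Address     State
  TCP    10.1.0.10:135      0.0.0.0:0           LISTENING
  TCP    10.1.0.10:1031     192.0.2.10:80       ESTABLISHED
"""
AFTER = BEFORE + """  TCP    10.1.0.10:1045     207.46.110.23:80    ESTABLISHED
  TCP    10.1.0.10:1046     207.46.110.40:80    SYN_SENT
  TCP    10.1.0.10:1047     203.0.113.5:443     ESTABLISHED
"""

def remote_endpoints(netstat_text):
    """Return {(remote_ip, remote_port)} for outbound TCP rows in a capture."""
    found = set()
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if m and m.group(5) in ("ESTABLISHED", "SYN_SENT"):
            found.add((m.group(3), int(m.group(4))))
    return found

def candidate_rules(before, after, client_ip, iface="eth2"):
    """Rules for peers that appeared only after the client was started.

    Only ports 1863 and 80 are considered (the two ports named in the
    thread); peers are widened to /24, following Bruno's rule, which is
    an assumption about how the servers are grouped.
    """
    new = remote_endpoints(after) - remote_endpoints(before)
    nets = sorted({ipaddress.ip_network(f"{ip}/24", strict=False)
                   for ip, port in new if port in (80, 1863)})
    base = f"-A FORWARD -i {iface} -p tcp -m tcp -s {client_ip}"
    rules = [f"{base} --dport 1863 -j DROP"]
    rules += [f"{base} -d {net} -j DROP" for net in nets]
    return rules

if __name__ == "__main__":
    print("\n".join(candidate_rules(BEFORE, AFTER, "10.1.0.10")))
```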