Question

Locked

Block YM and MSN Messenger

By nixao27 ·
Hi Good Day, can anyone please help me, i have a proxy server in my network and i want to block Chikka, Yahoo Messenger and any messenger service. Is it possible for me to block them using squid proxy server?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

Group Policy is a good option

by ali.iqbalamzt In reply to Group Ploicy

Hi Good Day;
Group Policy is a good option but what if we dont have Active directory and a user group we can configure it on computor configuration tap as well

Also we can disallow Permission to a perticular application using Start>Run>Regedt32.exe, find your software right click on it and select the permission you want.

Collapse -

Blocking the port does not give solution to ANY messenger service

by devel In reply to Block YM and MSN Messenge ...

There are browser based messengers
as http://www.chaosex.com/ .
To block them you should also disable
javascript on browser.

(or block port 80 of http).

Collapse -

Block IM

by Nimmo In reply to Blocking the port does no ...

The only real way to effectively block instant messenger chat programs and the web based versions is by using a mixture of; setting up group policies to block certain software, locking down all ports except the ones that your company uses, and correctly configuring firewalls.

Using group policies you can restrict what software can be installed and ran, along with what internet sites can and can't be visited.

Blocking all ports except the ones that are used by your company, and setting up access lists will also aid in only allowing certain traffic to and from you network.

Collapse -

Block Yahoo Messenger and any messenger with squid proxy.

Block Yahoo Messenger and any messenger with squid proxy.

Block Messenger (AOL, Yahoo, MSN) services through Squid and Iptables
First of all you need to have a running copy of squid and you make transparent for your local LAN.
Add this to your squid.conf:
Quote:
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

And this to your IPTABLES:
Quote:
iptables -t nat -A PREROUTING -i eth1 -p tcp ?dport 80 -j REDIRECT ?to-port 3128
iptables -A OUTPUT -j ACCEPT -m state ?state NEW,ESTABLISHED,RELATED
-o eth0 -p tcp ?dport 80

?where eth0 is your external interface and eth1 your internal.

To block AOL IM and ICQ:
Quote:
# iptables -A FORWARD ?dport 5190 -j DROP
# iptables -A FORWARD -d login.oscar.aol.com -j DROP

To block MSN messenger:
Quote:
# iptables -A FORWARD -p TCP ?dport 1863 -j DROP
# iptables -A FORWARD -d 64.4.13.0/24 -j DROP

Kaaza Blocking
Quote:
iptables -t nat -A POSTROUTING -s 150.100.16.0/255.255.240.0 -d ! 150.100.16.0/255.255.240.0 ?dport 1214 ?j DROP

Add following in squid.conf file
Quote:
# Yahoo Messenger service
acl Yahoo-Mess dst 24.71.200.68/32 204.71.202.73/32 204.71.200.0/24
204.71.177.35/32 204.71.202.59/32 204.71.202.58/32 216.115.105.214/32
204.71.201.47/32 204.71.201.48/32 216.115.105.215/32
216.136.172.221/32 *.msg.yahoo.com
http_access deny Yahoo-Mess

Quote:
# Trillian service
acl Trillian-Mess dst 66.216.70.167/32
http_access deny Trillian-Mess

Thanks to CM for this..

Please post back if you have any more problems or questions.

Related Discussions

Related Forums