General discussion

Locked

How do you block IRC sessions...workstat

By leemgeek ·
How do you block IRC sessions at workstation (NT4.) level? We need to block the Lab (student) workstations from ?Chatting? but need to ensure Internet availability for student research. We need to allow admin-staff to use the chat services.

We have tried to enable ?configure security? in the advanced section of the TCP/IP properties thus allowing only certain HTTP, TCP/IP and UDP ports gain Internet only access.

We performed a capture and found 53, 80 (of course) 1136, 1091, 1152, 1156, 1161, 1163, 1166, 1167 (?) being used but the internet will not work only using these port.

We want to stop AOL, MSN, Yahoo, chats (messengers), etc?at a High School. Our firewall server doesn?t block chats sessions and these company?s have way too many I.Ps to track down. Any ideas???

Lee Maris
Administrative Technologist

This conversation is currently closed to new comments.

16 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

How do you block IRC sessions...workstat

by Parbo In reply to How do you block IRC sess ...

sii if this works for you http://www.digi4fun.com/Ftp/Rules/BlockUDPIRC.zip

Collapse -

How do you block IRC sessions...workstat

by Parbo In reply to How do you block IRC sess ...

It works with conseal PC firewall I'm not sure if they also have a server version that you can load on you server

Collapse -

How do you block IRC sessions...workstat

by leemgeek In reply to How do you block IRC sess ...

We want to use the "TCP/IP, Advanced, Configure Security" setting offered by NT 4.0 and Win2000 workstation. When we select to ?allow? for IP and input port 80 and 53 the Internet does not work with just these ports selected. We must be missing a port.

Our schools (like most schools) has a small budget, with a myriad P133, P90, and a few C350 WS totaling about 120 WS total. Purchasing software license for each lab WS would be cost prohibitive. However, Appreciate your response.

Collapse -

How do you block IRC sessions...workstat

by leemgeek In reply to How do you block IRC sess ...

Point value changed by question poster.

Collapse -

How do you block IRC sessions...workstat

by leemgeek In reply to How do you block IRC sess ...

The point will be given on these conditions.

1) Suggest ports are tried on a workstation here and we successfully block all chats at the workstation level yet have yet allow Internet availability on the workstation.
2) As soon as this test is sucessfull the point will be release.

Collapse -

How do you block IRC sessions...workstat

by mcarrara In reply to How do you block IRC sess ...

This is not exacttly what you are looking for, but it might help.

I administer a K12 network and am having the exact problem you have, chat clients in the labs. I have not found a way to prevent downloading or operation of the clients.

Recently our administrator was at a convention and saw a product that might help. It is called Aristotle from sgtlabs (www.sgtlabs.com). Their product does not block chat, but notifies you when it is in use.

I have not used the product, but I am thinking of getting a demo during the summer. It does much more then work only with chat. It reports on all network traffic and has customizable reports and alerts. It appears to be some kind of packet sniffer that plugs into the network. I can't remeber the exact price, but $5,000 sticks in my mind.

Like I said, this may not be what you (or I) really want, but it might work. I hope this helps you. If you find something else let me know.

Mark

Collapse -

How do you block IRC sessions...workstat

by leemgeek In reply to How do you block IRC sess ...

Appreciate you taking the time to answer but remember we are a poor school not and corporation thus 5K dollars is way out of our budget.

Collapse -

How do you block IRC sessions...workstat

by leemgeek In reply to How do you block IRC sess ...

Point value changed by question poster.

Collapse -

How do you block IRC sessions...workstat

by mike_mds In reply to How do you block IRC sess ...

Instead of approaching this as a port-blocking problem, have you considered setting up poledit on all these machines and also requiring a network logon for all the 9x boxes (simple registry hack)? You should be able to prevent this unwanted software (among other things) from being installed on the ws in the first place. If only certain necessary executables are allowed to be run, and registry write permissions are limited, it should effectively stop any attempts to put this software on, whether from the internet, cd, or disk. This would also solve your problem of allowing the adults to have chat access. If you are running a NT domain, simply put the kids accounts in one group with a very restrictive poledit policy, and the teachers in another with a much looser poledit policy. Best of all, poledit is free.

Collapse -

How do you block IRC sessions...workstat

by leemgeek In reply to How do you block IRC sess ...

Hi and I appreciate your time but we do have a NT policy in place and it blocks everything but chats. We even figured out how to keep people from saving Internet wallpaper as a background and how lock icons to prevent there movement on the desktop. Remember we must let the Internet trough for HS student research. We have a firewall in place however, the IRC use so many different ports that blocking them is almost impossible. That?s why we want to do it at the WS level, create an Image and reimage all of the machines. Win NT/2K provides us a method using the IP>Configure>Security> but we just need to know the ports at the WS Level to only allow the ports though that allow the internet utilization though thus (reverse thinking) thus inadvertently blocking all other ports utilization. Appreciate your response but we tried that.

Back to Windows Forum
16 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums