
Re: [LIH] messengers blocking



[moving to LIG]

Raju Mathur rearranged electrons thusly:

> Just run this command:
>      ipchains -A input -s 0.0.0.0/0 -j DENY
> and all your network problems will be solved forever.
 
 Yeah, you are right.  That *will* solve it :)
 
> BTW, please take non-tech discussions about the rightness or wrongness
> (I just made that word up, pay RMS royalties if you want to use it) of
> port blocking, mail filtering, mail scanning, etc to LIG.

 It'll make a pleasant change from the gnu/bsd threads ;)
 
 As I posted my reply to Archan Paul on LIH, please do read it - and follow up
 to LIG in case you are interested ;)
 
 	+suresh
	
> Regards,
> -- Raju
 
> >>>>> "Suresh" == Suresh Ramasubramanian <mallet@xxxxxxx> writes:
> 
>     Suresh> VaibhaV Sharma rearranged electrons thusly:
>     >> Instead what I suggest is - 1. Remove masquerading on the
>     >> firewall. So that the ONLY way to go out of the local net is
>     >> the proxy server. Which would ONLY allow yahoo messenger
> 
>     Suresh> Removing masq will break several other things as well :(
> 
>     >> etc. which use HTTP. If you wanna block these too then use
>     >> squid ACL's OR use firewall rules again.
>  
>     >> 2. If you don't wanna remove masq. but wanna block, then just
>     >> gather the host names from the client software like icq
>     >> client, yahoo messenger etc. and block these hosts as
>     >> destination hosts on the firewall. I guess the latest ICQ
>     >> servers are the cluster1.icq.com or something.
>  
>     Suresh>  route add ip.of.blocked.site 127.0.0.1 to nullroute it or
>     Suresh> using ipchains: /usr/sbin/ipchains -j DENY -s
>     Suresh> ip.in.cidr.format -I input 1
>  
>     Suresh>  [cidr format = 192.168.1.1/32, 192.168.1.0/24, etc]
>  
>     >> I use the first one as such. It's much easier and foolproof, to
>     >> an extent at least if not completely.  Flames?? Love letters??
>  
>     Suresh>  You would get a love letter from me - only, I don't swing
>     Suresh> that way :).  Netadmins see it the same way, I see.
>  
>     >> VaibhaV Sharma Network Administrator
> 
>     Suresh> -- Suresh Ramasubramanian + mallet<@>efn.org You spamma my
>     Suresh> mailbox, I nukea da ass
> 
> ----------------------------------------------
> Find out more about this and other Linux India 
> mailing lists at http://lists.linux-india.org/

-- 
Suresh Ramasubramanian + mallet<@>efn.org
  You spamma my mailbox, I nukea da ass