Jul 22 2005, 07:39 AM
Post
#1
|
|
|
Premium Member Group: Members Posts: 352 Joined: 2-March 05 From: Australia Member No.: 2,859 |
I am trying to block MSN.
The following is my config:
CONSOLE
    iptables -A FORWARD -d gateway.messenger.hotmail.com -j DROP
    iptables -A FORWARD --protocol tcp --dport 1863 -j REJECT --reject-with tcp-reset
    for i in `cat /etc/msnserverlist`;do /sbin/iptables -A FORWARD -d $i -j DROP;done
    for i in `cat /etc/msnserverlist`;do /sbin/iptables -A FORWARD -s $i -j DROP;done

    msnserverlist:
    207.46.4.55 207.46.4.161 207.46.0.74 207.46.4.40 207.46.6.101
    207.46.4.93 207.46.4.38 207.46.0.48 207.46.0.144 207.46.4.59
    207.46.6.29 207.46.6.176 207.46.0.22 207.46.0.54 65.54.239.20
    207.46.0.92 207.46.0.68 207.46.0.46 207.46.6.186 207.46.2.161
    207.46.0.81 207.46.6.201 65.54.239.140 207.46.0.96 61.129.45.63
    207.46.0.57 207.46.0.75 207.46.0.83 207.46.0.151 207.46.0.147

    iptables -A FORWARD -d 64.4.12.200 -p udp --dport 7001 -j DROP
    iptables -A FORWARD -d 64.4.12.201 -p udp --dport 7001 -j DROP
    iptables -A FORWARD -d 65.54.226.247 -p udp --dport 443 -j DROP
    iptables -A FORWARD -d 207.46.104.20 -p udp --dport 1863 -j DROP
    iptables -A FORWARD -d 207.46.106.99 -p udp --dport 1863 -j DROP
    iptables -A FORWARD -d 207.46.110.254 -p udp --dport 80 -j DROP
    iptables -A FORWARD -s 64.4.12.200 -p udp --sport 7001 -j DROP
    iptables -A FORWARD -s 64.4.12.201 -p udp --sport 7001 -j DROP
    iptables -A FORWARD -s 65.54.226.247 -p udp --sport 443 -j DROP
    iptables -A FORWARD -s 207.46.104.20 -p udp --sport 1863 -j DROP
    iptables -A FORWARD -s 207.46.106.99 -p udp --sport 1863 -j DROP
    iptables -A FORWARD -s 207.46.110.254 -p udp --sport 80 -j DROP
    iptables -A FORWARD -d 64.4.12.200 -p tcp --dport 7001 -j DROP
    iptables -A FORWARD -d 64.4.12.201 -p tcp --dport 7001 -j DROP
    iptables -A FORWARD -d 65.54.226.247 -p tcp --dport 443 -j DROP
    iptables -A FORWARD -d 207.46.104.20 -p tcp --dport 1863 -j DROP
    iptables -A FORWARD -d 207.46.106.99 -p tcp --dport 1863 -j DROP
    iptables -A FORWARD -d 207.46.110.254 -p tcp --dport 80 -j DROP
    iptables -A FORWARD -s 64.4.12.200 -p tcp --sport 7001 -j DROP
    iptables -A FORWARD -s 64.4.12.201 -p tcp --sport 7001 -j DROP
    iptables -A FORWARD -s 65.54.226.247 -p tcp --sport 443 -j DROP
    iptables -A FORWARD -s 207.46.104.20 -p tcp --sport 1863 -j DROP
    iptables -A FORWARD -s 207.46.106.99 -p tcp --sport 1863 -j DROP
    iptables -A FORWARD -s 207.46.110.254 -p tcp --sport 80 -j DROP

But they do not work. MSN still can connect to the server. Does anyone know how to block it??
Notice from moonwitch:
put console tag in, adjusted credits
|
|
|
|
Jul 22 2005, 02:32 PM
Post
#2
|
|
|
Demonic Enforcer Group: [HOSTED] Posts: 597 Joined: 2-March 05 From: Belgium Member No.: 2,861 |
First of all; USE THE QUOTES OR CONSOLE!
Secondly, instead of listing the long list of each server, use 207.46.*.*
|
|
|
Jul 22 2005, 02:39 PM
Post
#3
|
|
|
Teh Teckeh Trekkeh Group: Members Posts: 682 Joined: 8-September 04 From: Scotland, UK Member No.: 389 |
There's a LOT more servers than that, over 200 if I'm right.
http://www.xeomax.net/scripts/download.php?a=MSNServersX
Run that, it'll give you a list and allow you to choose a server if you wanted.
|
|
|
Jul 23 2005, 09:55 AM
Post
#4
|
|
|
Way Out Of Control - You need a life :) Group: Members Posts: 1,366 Joined: 14-September 04 From: Nottingham England Member No.: 570 |
I'm not 100%, but don't all the MSN servers use the same port (or same range of ports)?
You may have more luck blocking TCP packets in state NEW to MSN server ports.
CODE
    iptables -A FORWARD -p tcp --dport <msn_server_port_range> -m state --state NEW -j DROP
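
Added example, not part of any post in this thread: a dry-run generator that turns the suggestions in posts #2 and #4 into valid rules. iptables has no `207.46.*.*` syntax and takes CIDR (`207.46.0.0/16`), and `-A` appends, so a rule that ends up behind an earlier ACCEPT in FORWARD never matches. The chain name `MSN_BLOCK` and the function names are hypothetical; the script only prints commands and applies nothing.

```shell
#!/bin/sh
# Added example: prints iptables commands (dry run); nothing is applied.

# Convert one entry to CIDR: "207.46.*.*" -> 207.46.0.0/16, "207.46.4.55" -> 207.46.4.55/32.
# Returns 1 for anything that is not a dotted quad with optional trailing wildcards.
to_cidr() {
    entry=$1 bits=0 out="" wild=0
    old_ifs=$IFS; IFS=.
    set -f; set -- $entry; set +f      # split on dots without globbing the "*"
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        if [ "$octet" = "*" ]; then
            wild=1; octet=0
        else
            [ "$wild" -eq 0 ] || return 1          # no digits after a wildcard
            case $octet in ''|*[!0-9]*) return 1 ;; esac
            [ "$octet" -le 255 ] || return 1
            bits=$((bits + 8))
        fi
        out="${out:+$out.}$octet"
    done
    [ "$bits" -gt 0 ] || return 1                  # refuse "*.*.*.*" (would match everything)
    echo "$out/$bits"
}

# Read whitespace-separated entries on stdin and print the rule set.
gen_rules() {
    chain=MSN_BLOCK                                # hypothetical chain name
    echo "iptables -N $chain"
    # -I FORWARD 1 places the jump ahead of any ACCEPT already in FORWARD.
    echo "iptables -I FORWARD 1 -j $chain"
    echo "iptables -A $chain -p tcp --dport 1863 -m state --state NEW -j REJECT --reject-with tcp-reset"
    seen=" "
    set -f
    for e in $(cat); do
        cidr=$(to_cidr "$e") || { echo "skipped: $e" >&2; continue; }
        case $seen in *" $cidr "*) continue ;; esac   # drop duplicates
        seen="$seen$cidr "
        echo "iptables -A $chain -d $cidr -j DROP"
    done
    set +f
}

# Demo input: entries quoted in the thread plus one constructed malformed line.
demo() { printf '%s\n' '207.46.*.*' 65.54.239.20 65.54.239.20 61.129.45.63 'bogus.host' | gen_rules; }
demo
```

Review the printed commands before running them as root; a wildcard such as `207.46.*.*` becomes a /16 and blocks every host in that range, not only messenger servers.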
|
|
|
Jul 23 2005, 11:20 AM
Post
#5
|
|
|
Premium Member Group: Members Posts: 352 Joined: 2-March 05 From: Australia Member No.: 2,859 |
Thanks moonwitch for adding the console tag.
I did try to add it before I clicked the post button, but it did look good in preview (even now) --- 1 line statement becomes 2 lines. That's why I did do that. And thanks for the suggestion... However, the problem still remains. MSN can still get online. Any other ideas???
|
|
|
Jul 23 2005, 12:57 PM
Post
#6
|
|
|
Pretty please? Group: Members Posts: 733 Joined: 28-November 04 From: Holland Member No.: 1,552 |
You could try to block all access from and to port 1863, that is the default port (maybe there are more, like the ones in your start-post).
Also, you might need to ban some sites with online-messenger stuff, like
http://webmessenger.msn.com
http://www.e-messenger.net
|
|
|
Jul 23 2005, 04:14 PM
Post
#7
|
|
|
Advanced Member Group: Members Posts: 196 Joined: 12-April 05 Member No.: 3,899 |
Why would you ever need to block MSN? Do you just not want Windows users to be able to connect to your server or something?
|
|
|
|
Jul 23 2005, 05:08 PM
Post
#8
|
|
|
Pretty please? Group: Members Posts: 733 Joined: 28-November 04 From: Holland Member No.: 1,552 |
QUOTE
Why would you ever need to block MSN? Do you just not want Windows users to be able to connect to your server or something?

1. Did you ever think about that every single message goes through the m$ servers? And that privacy is a rare thing there?
2. Ever thought that if at work, everyone's nudging and msg'ing each other, would there be any work done?
3. You are confused, this has nothing to do with windows/linux, it's the PROTOCOL
[wha?] 4. MSN is the lamest protocol ever and GAIM ownzz its sorry ass? [/wha?]
|
|
|
Jul 23 2005, 08:05 PM
Post
#9
|
|
|
Teh Teckeh Trekkeh Group: Members Posts: 682 Joined: 8-September 04 From: Scotland, UK Member No.: 389 |
4. Not true, the MSN protocol is pretty good if you have a bot, very easy to work with.
|
|
|
|
Jul 27 2005, 01:51 PM
Post
#10
|
|
|
Advanced Member Group: Members Posts: 196 Joined: 12-April 05 Member No.: 3,899 |
I see. You're one of those evil bosses who wants to control everything your employees do and prevent them from using the internet for anything other than stock quotes and stuff.
Notice from qwijibow:
Your first post in this thread was tolerated, but this is just pointless spam/flamebait. Please keep your posts relevant to the topic.
|
|
|