On Wed, 2004-01-28 at 08:23, Lemor wrote:
> E.g. like Kazaa?

There are a number of things that are easy to block, such as web
traffic, SMTP traffic, web traffic to a particular IP address or
network, most IRC servers and so on. There are a number of things that
are much harder to block, such as MSN Messenger, Kazaa, Yahoo!
Messenger, and so on.

The reason this second class of protocols/applications is harder to
block is that they have been designed to get around firewalls by
dropping back to an often-used port - normally the HTTP port, port 80 -
if their default port range is blocked. This makes these next to
impossible to block with a simple port filter such as that in m0n0wall,
SmoothWall, IPCop, and anything else using this method.

There are a number of applications - mainly squidGuard and
DansGuardian (also sold as SmoothGuardian/Corporate Guardian) - that can
be run on your Squid proxy server to assist in blocking these types of
traffic, and other forms of traffic such as advertising etc.

As m0n0wall is not a web cache (it doesn't run Squid), you will
need to have an internal machine that runs Squid and that is configured
to block traffic on port 80 to these destinations.

Basically, and unfortunately, it is not that easy to block these

Hilton Travis Email: Hilton at QuarkAV dot com
Manager, Quark AudioVisual Phone: +61-(0)7-3343-3889
Quark Computers Phone: +61-(0)419-792-394
(Brisbane, Australia) http://www.QuarkAV.com/
Open Source Projects: http://www.ares-desktop.org/
Non Linear Video Editing Solutions & Digital Audio Workstations
Network Administration, SmoothWall Firewalls, NOD32 AntiVirus
Conference and Seminar AudioVisual Production and Recording
War doesn't determine who is right. War determines who is left.
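
Added example, not part of the original message: a small Python model of the point made above, comparing a port-only filter with a proxy-style check on port 80 over four constructed flows. The port numbers, the `im-gateway.example` destination, the payloads and all function names are assumptions made for illustration; this is not Squid, squidGuard or DansGuardian code.

```python
from dataclasses import dataclass

BLOCKED_PORTS = {1214, 1863}              # assumed default ports of the unwanted apps
BLOCKED_DOMAINS = {"im-gateway.example"}  # placeholder destination the proxy denies
METHODS = {b"GET", b"POST", b"HEAD", b"PUT", b"DELETE", b"OPTIONS"}

@dataclass(frozen=True)
class Flow:
    label: str      # for the reader only; neither filter looks at it
    dst_port: int
    payload: bytes  # first bytes the client sends

def port_filter_allows(flow):
    """Simple port filter: the decision uses the destination port and nothing else."""
    return flow.dst_port not in BLOCKED_PORTS

def http_host(payload):
    """Return the lower-cased Host of an HTTP/1.x request, or None if absent/not HTTP."""
    head = payload.split(b"\r\n\r\n", 1)[0].split(b"\r\n")
    parts = head[0].split(b" ")
    if len(parts) != 3 or parts[0] not in METHODS or not parts[2].startswith(b"HTTP/1."):
        return None
    for line in head[1:]:
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"host":
            return value.strip().decode("ascii", "replace").lower().split(":")[0]
    return None

def proxy_allows(flow):
    """Proxy-style check for port 80: must be real HTTP and not a denied destination."""
    if flow.dst_port != 80:
        return port_filter_allows(flow)
    host = http_host(flow.payload)
    if host is None:
        return False  # not an HTTP request, so a proxy has nothing to forward
    return not any(host == d or host.endswith("." + d) for d in BLOCKED_DOMAINS)

FLOWS = [  # constructed sample flows
    Flow("web browsing", 80, b"GET / HTTP/1.1\r\nHost: www.example.org\r\n\r\n"),
    Flow("IM client, default port", 1863, b"VER 1 EXAMPLE\r\n"),
    Flow("IM client, fallback to 80", 80,
         b"POST /gw HTTP/1.1\r\nHost: IM-Gateway.example\r\n\r\n"),
    Flow("P2P client, raw protocol on 80", 80, b"\x00\x01constructed-non-http"),
]

def compare():
    """Return (label, allowed by port filter, allowed by proxy check) per flow."""
    return [(f.label, port_filter_allows(f), proxy_allows(f)) for f in FLOWS]

if __name__ == "__main__": print(*compare(), sep="\n")
```

The two fallback flows pass the port filter because it only sees destination port 80, while the proxy-style check denies them without affecting ordinary web browsing.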