Internet Content Filtering Suggestions
Wil McGilvery
wmcgilvery
Mon May 17 11:44:33 PDT 2004
Thanks
Wil McGilvery
Manager, Digital Media
416-744-7191
416-716-3964 (cell)
1-888-622-3729
416-744-0406 FAX
www.LynchDigital.com
-----Original Message-----
From: Federico Voges [mailto:fvoges at intrasoft.com.ar]
Sent: Thursday, February 13, 2003 5:05 PM
To: linux-users at linux-sxs.org
Subject: RE: Internet Content Filtering Suggestions
WARNING: Unsanitized content follows.
Hi,
You can do that on linux too, but only with local apps (note: the same
limitation applies to windows). Once on the "wire", there's no way to
know which application generated the packet*.
* Well, that's not entirely correct, you can infer the originating app
from the packet headers/contents but that is very CPU intensive.
Bye!
On Thu, 13 Feb 2003 15:29:09 -0500, Wil McGilvery wrote:
>That is what I have done as well. I have blocked the domain of the servers used for these programs. I was wondering if there was a way to block by application. My only experience with this was in the Windoze world where I could say allow Netscape or Internet Exploder on port 80 but not msn messenger.
>
>Regards,
>
>Wil McGilvery
>Manager, Digital Media
>
>
>
>416-744-7191
>416-716-3964 (cell)
>1-888-622-3729
>416-744-0406 FAX
>www.LynchDigital.com
>
>
>-----Original Message-----
>From: Federico Voges [mailto:fvoges at intrasoft.com.ar]
>Sent: Thursday, February 13, 2003 3:22 PM
>To: linux-users at linux-sxs.org
>Subject: RE: Internet Content Filtering Suggestions
>
>Hi,
>
>The idea is to block the login servers. I have this from the LARTC
>list:
>
>-------- START SNIP --------
>This one Blocks AOL IM and ICQ
>
>iptables -A FORWARD -p tcp --dport 5190 -j REJECT
>iptables -A FORWARD -d login.oscar.aol.com -j REJECT
>
>
>--------------------------
>This one Blocks MSN Messenger
>
>iptables -A FORWARD -p TCP --dport 1863 -j REJECT
>iptables -A FORWARD -d 64.4.13.0/24 -j REJECT
>
>-------- END SNIP --------
>
>Note that the auto config of ICQ (Main -> Preferences -> Connections ->
>Server -> Auto Configure) sometimes uses other port numbers besides the
>default (5190). Don't know if those rules effectively disable the auto
>config feature or not.
>
>Bye!
>
>On Thu, 13 Feb 2003 15:10:29 -0500, Wil McGilvery wrote:
>
>>You could try DansGuardian.
>>
>>It works with squid and will allow you to control the sites they go to.
>>
>>http://dansguardian.org/
>>
>>You can also limit what files they download by extension if you wish.
>>
>>To block access after 6:00 pm you use a cron job to shut down squid/dansguardian.
>>
>>As Federico said, iptables can be used to block the ports that these messengers use, but they can still use port 80.
>>
>>I don't know how to block by application so I just blocked the domains that these servers are on. For example I have blocked hotmail and msn messenger, but not msn.com
>>
>>(If anyone reading this knows how to block port 80 for msn messenger and not your browser, I would love to know how).
>>
>>HTH
>>
>>
>>Wil McGilvery
>>Manager, Digital Media
>>
>>
>>
>>416-744-7191
>>416-716-3964 (cell)
>>1-888-622-3729
>>416-744-0406 FAX
>>www.LynchDigital.com
>>
>>
>>-----Original Message-----
>>From: Federico Voges [mailto:fvoges at intrasoft.com.ar]
>>Sent: Thursday, February 13, 2003 1:41 PM
>>To: linux-users at linux-sxs.org
>>Subject: Re: Internet Content Filtering Suggestions
>>
>>On Thu, 13 Feb 2003 11:03:43 -0600, Ben Duncan wrote:
>>
>>>Have a client that has about 25 WinSLug Computers. We need to
>>>implement some sort of content / virus filtering, as the employees
>>>are starting to abuse the internet connection.
>>>
>>>We need to allow them to access certain web sites, restrict others,
>>>BLOCK ICQ/AIM, and
>>>do a "time" (Absolutely NO access to the internet after 6PM).
>>>
>>>Now SonicWall seems to be the leading contender here for an appliance
>>>solution, BUT, they want a "subscription" on all of their devices.
>>>
>>>Any Suggestion here? NutZwerk Appliance? Cheap PC with linux and some
>>>sort of easy to use
>>>admin software?
>>>
>>The most flexible solution is the last: PC + Linux.
>>
>>You can use Squid + some extra soft to limit web usage and
>>netfilter/iptables to block IMs.
>>
>>In fact, if you just need ftp/web access you can turn off forwarding at
>>the gateway and force everyone to go out through Squid (and maybe, a
>>socks server).
>>
>>One caveat: you'll need at least some scripting skills to go this way.
>>
>>Another option is to use one of the commercial "out of the box"
>>solutions. One that looks ok is Astaro Security Linux (www.astaro.com).
>>It's commercial but you can download the full product iso image for
>>testing (if you like it, all you need to do is enter the reg key in the
>>control panel).
>>
>>I haven't used it, but appears to be one of the most complete and
>>flexible around.
>>
>>You can also go the LRP style and use one of the many LRP
>>clones/derivatives. A good start point is http://leaf.sf.net
>>
>>Just my $0.02 :)
>>Federico Voges
>>Socio gerente
>>
>>Intrasoft
>>Malabia 2137 14 A
>>(1425) Buenos Aires
>>Argentina
>>
>>Te/Fax: 54-11-4833-5182
>>e-mail: fvoges at intrasoft.com.ar
>>Web: http://www.intrasoft.com.ar
>>
>>
>>
>>_______________________________________________
>>Linux-users mailing list
>>Linux-users at linux-sxs.org
>>Unsubscribe/Suspend/Etc -> http://www.linux-sxs.org/mailman/listinfo/linux-users
>>
>
>Federico Voges
>Socio gerente
>
>Intrasoft
>Malabia 2137 14 A
>(1425) Buenos Aires
>Argentina
>
>Te/Fax: 54-11-4833-5182
>e-mail: fvoges at intrasoft.com.ar
>Web: http://www.intrasoft.com.ar
>
>
>
Federico Voges
Socio gerente
Intrasoft
Malabia 2137 14 A
(1425) Buenos Aires
Argentina
Te/Fax: 54-11-4833-5182
e-mail: fvoges at intrasoft.com.ar
Web: http://www.intrasoft.com.ar
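
Added example, not part of the original thread: a small shell check for IM-blocking FORWARD rules of the kind discussed above. It flags a port match that has no `-p` (iptables refuses such a rule) and a `-d` hostname, which iptables resolves only once, when the rule is inserted. The function names and the sample rules are constructed for illustration, and IPv4 addresses are assumed.

```shell
#!/bin/sh
# Added example: static checks for iptables FORWARD rules (IPv4 only).

# lint_rule RULE: print one finding per line, nothing if the rule passes.
lint_rule() {
    rule=" $1 "
    # --dport/--sport belong to the tcp/udp match, which only loads after -p.
    case $rule in
        *" --dport "*|*" --sport "*)
            case $rule in
                *" -p "*|*" --protocol "*) ;;
                *) echo "port match without -p: iptables rejects this rule" ;;
            esac ;;
    esac
    # A hostname after -d is looked up once, when the rule is inserted, so
    # the rule keeps blocking the old addresses if the DNS record changes.
    dest=$(printf '%s\n' "$rule" | sed -n 's/.* -d \([^ ]*\) .*/\1/p')
    case $dest in
        "") ;;
        *[!0-9./]*) echo "hostname destination $dest: resolved only at insert time" ;;
    esac
}

# lint_rules: read rules on stdin, prefix each finding with its line number.
lint_rules() {
    n=0
    while IFS= read -r line; do
        n=$((n + 1))
        lint_rule "$line" | sed "s/^/line $n: /"
    done
}

# Constructed sample in the style of the thread's rules; the first rule
# omits -p on purpose so the check has something to report.
sample_rules() {
    cat <<'EOF'
iptables -A FORWARD --dport 5190 -j REJECT
iptables -A FORWARD -d login.oscar.aol.com -j REJECT
iptables -A FORWARD -p TCP --dport 1863 -j REJECT
iptables -A FORWARD -d 64.4.13.0/24 -j REJECT
EOF
}

sample_rules | lint_rules
```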