Re: [squid-users] IM blocking in squid?

From: Emilio Casbas <ecasbas@dont-contact.us>
Date: Wed, 27 Jun 2007 15:05:11 +0200

Joerg Schuetter wrote:
> On Wed, 27 Jun 2007 09:19:46 +0800
> Adrian Chadd <adrian@creative.net.au> wrote:
>
>> On Tue, Jun 26, 2007, Andreas Pettersson wrote:
>>> Adrian Chadd wrote:
>>>> People keep asking about how to block IM in Squid; would
>>>> anyone like to kick up some ACLs that they use to block IM
>>> ICQ? MSN? Windows Messenger? AOL? Skype? Jabber? IRC? Sametime?
>>> Or http://webmessenger.msn.com/ or http://talk.google.com/ ?
>> My question is just as vague as the various questions people ask
>> about "blocking IM". Hence why I'd like to arrange a Wiki article
>> about it!
>
> This is how we block IM to msn, but leave the connection open to
> "normal" web-pages on msn.
>
> acl msn_req req_mime_type application/x-msn-messenger
> acl msn_rep rep_mime_type application/x-msn-messenger
> http_access deny mynetwork msn_req
> http_reply_access deny mynetwork msn_rep
>

We have the above directives to block MSN plus the below to block skype.

acl CONNECT method CONNECT
acl skype url_regex ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+
deny_info ERR_CLIENT_HTTPS2IP_DENIED skype
http_access deny CONNECT skype

This paper gives some slight explanation:
http://packetstormsecurity.org/papers/general/BlockingSkype-rootn0de2005.pdf

As Matus pointed out in a previous mail, to block IM with squid all IM
traffic must be (re)directed to squid, so MSN, Jabber and GTalk clients
should have the proxy connections configured. In the case of the MSN
client this is not needed because it picks up the IE proxy configuration.

Blocking IM correctly in a network depends a lot on the network
architecture.

Thanks
Emilio C.
Received on Wed Jun 27 2007 - 07:03:22 MDT
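
An added example, not part of the original message: a Python check of which CONNECT targets the `skype` url_regex above matches, next to two stricter patterns. It assumes Squid tests url_regex against the `host:port` target of a CONNECT request and writes IPv6 literals in brackets; the sample targets and the stricter patterns are constructed here, not taken from the thread.

```python
import re

# Pattern copied from the 'acl skype url_regex' line in the message above.
PAGE_PATTERN = re.compile(r"^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+")

# Hypothetical tightened variants (not from the thread): anchor through the
# port so only a bare IPv4 literal matches, and cover bracketed IPv6 literals.
STRICT_V4 = re.compile(r"^[0-9]{1,3}(\.[0-9]{1,3}){3}:[0-9]+$")
STRICT_V6 = re.compile(r"^\[[0-9A-Fa-f:.]+\]:[0-9]+$")

# Constructed CONNECT targets; addresses come from documentation ranges.
SAMPLES = [
    "192.0.2.10:443",              # bare IPv4 literal
    "login.example.com:443",       # ordinary HTTPS host name
    "192.0.2.10.example.com:443",  # host name that merely starts like an IP
    "[2001:db8::1]:443",           # bracketed IPv6 literal
]


def page_rule_denies(target: str) -> bool:
    """True if the thread's pattern would match this CONNECT target."""
    return PAGE_PATTERN.search(target) is not None


def strict_rule_denies(target: str) -> bool:
    """True if either hypothetical stricter pattern matches the target."""
    return bool(STRICT_V4.search(target) or STRICT_V6.search(target))


def compare(targets):
    """Return (target, page_rule, strict_rule) for each CONNECT target."""
    return [(t, page_rule_denies(t), strict_rule_denies(t)) for t in targets]


if __name__ == "__main__":
    print(f"{'CONNECT target':30} {'page rule':10} strict rule")
    for target, page, strict in compare(SAMPLES):
        print(f"{target:30} {'deny' if page else 'allow':10} "
              f"{'deny' if strict else 'allow'}")
```

The third sample shows the thread's pattern also denying a host name whose first labels are numeric, because the pattern is not anchored at the end.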
