Solved

Blocking IM (MSN, Yahoo Messenger) using Squid

Posted on 2004-09-01
3
25,496 Views
Last Modified: 2013-11-22
I have Squid running and I am looking for a way to block Yahoo and MSN messenger. My search of the Internet has not come up with any working solutions.

Has anybody been able to successfully block these IM programs using Squid?

Setup:

Squid 2.4 Stable6
OS: FreeBSD 4.9

Thanks in advance
0
Comment
Question by:cchinoy
3 Comments
 
LVL 61

Expert Comment

by:gheist
ID: 11975468
1) Install all messengers you can imagine - Yahoo! , MSN , AIM , ICQ and Trillian
2) Install packet sniffer like ethereal on workstation
3) now try running all messengers one at a time
4) now look for common signs on how to block them

For example AIM uses host login.oscar.aol.com
MSN Messenger uses MIME type containing "X-MSN-Messenger" string

Same applies to digital media players, spywares, viruses etc.

Never try to use these programs when they are blocked for common users.
0
 

Author Comment

by:cchinoy
ID: 12102723
Thank you I will give this a try
0
 
LVL 2

Accepted Solution

by:
jdw_2004 earned 500 total points
ID: 12132638
These applications use ports other than HTTP.  In fact, these programs are particularly tenacious in their efforts to circumvent restrictions.  Also, for what web accesses they do perform, instant messaging clients may or may not honor the system's proxy configuration.  

Thus, you will not be able to effectively block IM programs using squid, without assistance from a firewall or router.  Even then, eternal vigilance will be required as these programs find new ways to weasel through with each new release.

The following page is very helpful:

http://nscsysop.hypermart.net/no_chat.html

This previous EE question may also be instructive on firewall blocking, if you want to go that route:

http://www.experts-exchange.com/Security/Firewalls/Q_20610865.html

0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

My previous tech tip, Installing the Solaris OS From the Flash Archive On a Tape (http://www.experts-exchange.com/articles/OS/Unix/Solaris/Installing-the-Solaris-OS-From-the-Flash-Archive-on-a-Tape.html), discussed installing the Solaris Operating S…
Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now