What port does Hopster run on

Hello,

I run a squid proxy server at work, and the students have found Hopster and now run msn and other various apps. Does anyone know how hopster can be blocked at the firewall?

cheers

Kurt
LVL 1
kurtc0107Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

lrmooreCommented:
Best thing I can determine is to block the hopster server subnets:
  block everything to 212.126.66.0 - 212.126.67.255
0
kurtc0107Author Commented:
And within squid how is this done?
0
td_milesCommented:
you should create a squid acl:

acl hopster dst 212.126.66/255.255.254.0

and then deny access to it, by inserting the line:

http_access deny hopster

in the appropriate place in your config file (before the permit staements).

see the squid doc (the config file is also heavily documented) for more info on using access lists.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
What were the top attacks of Q1 2018?

The Threat Lab team analyzes data from WatchGuard’s Firebox Feed, internal and partner threat intelligence, and a research honeynet, to provide insightful analysis about the top threats on the Internet. Check out our Q1 2018 report for smart, practical security advice today!

kurtc0107Author Commented:
thanks td_miles

ill give that a shot.
0
kurtc0107Author Commented:
No luck

I have other acl's in place that work, but hopster just keeps on running.

I have also tried the suggestion on:
http://www.derkeiler.com/Mailing-Lists/securityfocus/focus-linux/2004-08/0003.html and no luck.

Hhmm. Any other suggestions?
0
td_milesCommented:
Looking at my hasty typing, I left a ZERO off the end of the network I gave you above, it should be 212.126.66.0/255.255.254.0

That link you have posted above gave a different IP address that you needed to block, have you blocked that as well ?

You may have to monitor the traffic and determine what other IP addresses you may need to block.
0
kurtc0107Author Commented:
yeah I added the 0, could see that was a mistake

Yep got that blocked as well
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.