A very old tip and trick on blocking yahoo chat messenger from connecting to internet, as per request.
Considering an approved management policies, there are several ways to block yahoo chat messenger from connecting to internet coming from inside your network, depending on what equipment and boxes you have on ground.
If you happen to have an approved global policy to totally block yahoo messenger from any internal systems, you can implement a network-wide blocking of yahoo chat messenger at the router level.
But if you happen not to have core routers from your network and your current connection is just being shared and NATted via your linux proxy box, blocking yahoo chat messenger is easy and possible by implementing it proxy-wide or individually per IP using linux proxy and firewall.
Firewall comes in many names in linux. With Fedora, the name of the firewall is called iptables by default, a successor long after ipchains reigned with RedHats.
If you are going to block yahoo chat messenger or any software from connecting to the web, basically, gathering port numbers and protocols being used by yahoo chat messenger or by that specific software needs to be established and listed out first.
Here are the known yahoo chat messenger (YM) ports
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
TCP Port 5050
TCP Port 5000-5001
UDP Port 5000-5010
TCP Port 5100 (webcam)
TCP Port 5101 (p2p)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Blocking all yahoo chat servers is not advisable as some company IT infrastructures make use of clustered servers with round-robin and/or load-balancing approach for these ports and/or web services requests from end users, thus new servers would not be blocked until you informed yourself immediately.
USING IPTABLES FIREWALL from Fedora
-----------------------------------
Following the port numbers and protocols mentioned above, you can append these line into your /etc/sysconfig/iptables to block YM from connectin to web via linux iptables like so
Additional lines for /etc/sysconfig/iptables
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 5000:5001 -j DROP
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 5050 -j DROP
-A RH-Firewall-1-INPUT -p udp -m udp --dport 5000:5010 -j DROP
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 5100:5101 -j DROP
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
USING SQUID from Fedora
-----------------------------------
An entry of Squid installation and setup would be done separately on another entry sooner or later. But, the above mentioned iptables YM block rules can also be defined and implemeneted into Squid access list.
If the clients are all using Squid for transparent connection, additinally the next Squid access list can also be added to /etc/squid/squid.conf. There is not further changes needed from the client PC.
Additional lines for /etc/squid/squid.conf
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
acl YM_ports port 5100
acl YM_ports port 5101
acl YM_ports port 5050
acl YM_ports port 5000-5010
http_access deny YM_ports
http_access deny CONNECT YM_ports
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
After doing changes with your conf files, make sure you restart the said service like so
# service iptables restart
# service squid reload
USING Access List from Cisco Routers
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From router level, blocking YM can also be done using Cisco access list. Blocking by IP address, port numbers, destination and more are all possible with Cisco ACLs. Unfortunately, my apology for not listing it out here as that would not be linux related. :(
OTHER WAYS
~~~~~~~~~~~
Blocking Yahoo Chat messenger can also be done with different linux softwares like IPChains, IPCop, SquidGuard, Dansguardian and more. Additionally, this can also be done with all bandwidth control and monitoring appliances around the web.
Generally speaking, blocking YM takes TCP port numbers and protocol types. Doing it is a rule of thumb on blocking softwares from connecting to WWW.
Hope this fires up a starting point from your box, balu.
PS
Better to have this late blog reply than never, goodluck then.
Related Posts:
How To See Invisible YM Users
How To Setup Chikka SMS Messenger using Kopete Messenger
How to Install and Setup Google Chat Messenger
How To Setup Chikka SMS Messenger using GAIM Pidgin
How To Install GAIM Pidgin Messenger
How To Install KDE Kopete Messenger
How To Install AMSN Messenger
How To Setup and Install PSI Chat Messenger
Subscription
Categories
- HowTos (612)
- Linux Devices (40)
- Linux Diggs (620)
- Linux News (1541)
- Linux Videos (24)
Recent Posts
Blog Archive
-
▼
2007
(340)
-
▼
August
(95)
- KCron - GUI task scheduler
- Linux backups powered by Tar
- INQ7 front page image retrieval
- using wget for data and file transfers
- BibleTime - Bible study from Linux howto
- human readable DVD/CD drive technical details
- sound-juicer - alternative audio CD ripper install
- Stellarium - watch the sky from Linux
- Munin - monitor linux hosts install howto
- blocking yahoo chat messenger
- string manipulation using cut linux command
- graphing skystream DVB receiver's Eb/No and signal...
- BZFlag - 3D multi-player tank game install howto
- screenshot and snapshot creations howtos
- string parsing using bash
- grep multiple character from string or file
- enable and disable of telnet service
- grep multiple strings from a file
- remove spaces from filenames
- ISO creation and CD/DVD burning from terminal
- send a message to user's terminal
- retrieve GMail emails via terminal using fetchmail
- more of activating and deactivating network card
- set new mysql password
- TIP: enable thumbnail display images from apache
- monitor large mailbox users
- using the linux yes command
- string manipulation using tr linux command
- install and play 2D chess game in linux
- more firefox tips and tricks
- recover root password on linux
- establish ssh connection from different port
- uniq linux command
- remove blank lines using grep or sed
- date and time sync via NTP server howto
- who am I
- delete spam email and folder regularly howto
- hello world bash and perl script
- passwordless rdesktop session with XP howto
- force VGA screen resolution and screen mode
- RealPlayer 10 for linux install howto
- Grip - CD ripper install howto
- Banshee - music management and playback
- gnome music applet install howto
- Pirut and yum-updatesd - software management
- Alacarte - editing panel menus install howto
- access NTFS drive in Fedora
- FileLight - graphical disk usage and statistics
- TestDisk- partition tool install howto
- using /dev/null in linux terminal
- yahoo messenger in fedora install howto
- check and repair MS-DOS file systems howto
- using fdformat and mkdosfs from terminal
- Tremulous - Quake 3 install howto
- block consecutive IP address using scripts
- using floppy linux command from terminal
- display word or text file in reversed pattern
- convert a file to equivalent hex/binary code
- spell check text file from terminal
- create screen timer from linux howto
- recreate deleted /dev/null
- harddisk monitoring using smartctl
- bind ssh to selected IP address
- restrict su command to superuser only
- thunderbird install howto
- dovecot POP3/POP3S server with SSL/TLS install howto
- qpopper POP3 server install howto
- my other linux pages
- more ssh log parsing and monitoring
- checking daemon service bash script
- HTML CHM help file viewer install howto
- du - the disk usage linux command howto
- gnome language translator install howto
- display linux memory information howto
- display the number of processor howto
- 3d tabletennis game install howto
- Nokia N70 on Fedora via USB data cable
- Fedora 7 as guest host from VirtualBox
- at - jobs scheduling howto
- Nokia 70 linux connection via bluetooth dongle howto
- crontab - jobs scheduling howto
- managing daemon services howto
- create your own linux OS distro howto
- kernel devel headers install howto
- more multimedia browser plugins install howto
- numlock on with X install howto
- Fedora and RHEL differences
- create virtual terminals with single ssh connection
- virtual CentOS using VMWare 5.5.4 install howto
- VMware workstation 5.5.4 install howto
- 50 quick linux command tips part 4
- 5 SysAds permanent static route story
- ssh log parsing and monitoring
- removable drives, devices and media preferences
- gnome-blog desktop blogging install howto
-
▼
August
(95)
Wednesday, August 29, 2007
blocking yahoo chat messenger
Subscribe to:
Post Comments (Atom)
ILoveTux - howtos and news | About | Contact | TOS | Policy
0 comments:
Post a Comment