Napster and other 'ster' filtering thru ipchains
der.hans
PLUGd@LuftHans.com
Thu, 5 Oct 2000 12:15:41 -0700 (MST)
Am 05. Oct, 2000 schwäzte sinck@ugive.com so:
>
>
> \_ I am faced with the need to filter Napster and for now a program
> \_ called 'Scour' from my son's internet access. Can anyone tell me
> \_ where to locate a list of ports that these programs use? I also
> \_ need to start logging my son's internet use. Can you give me some
> \_ pointers in enableing logging and what to expect in log output?
> \_ Your help is greatly appreciated.
If you're just trying to limit his bandwidth use ipchains to reduce his
QoS :).
> Try dropping all connections from said box that are *not* to port 80,
> port 443 (https), or your provider's pop account [depending]. Turn on
> logging for all web syn packets. You'll have to decode ip->name, but
> that's easy enough.
You can force port 80 through squid on the firewall. That'll,
unfortunately, also log URLs and such. Don't know if you can force 443
through a proxy, but you could block it, thereby forcing use of the proxy
to use it.
> The biggest problem is that if he's at all web savvy, you'll have this
> breached immediately through a simple redirection through
> akamai...unless you ban them entirely, which will probably cripple
> other important stuff.
Mostly ads, I think :).
ciao,
der.hans
--
# der.hans@LuftHans.com home.pages.de/~lufthans/ www.Opnix.com
# HERE LIES LESTER MOORE
# SHOT 4 TIMES WITH A .44
# NO LES
# NO MOORE
# -- tombstone, in Tombstone, AZ