Check which ports the ICQ and the IRC work and then deny any
outgoing packets to those ports.
Even if the modem dials you still will not allow for ICR or ICQ.
The Wolf
-----Original Message-----
From: Shawn T. Rutledge [
mailto:rutledge@cx47646-a.phnx1.az.home.com]
Sent: Tuesday, March 07, 2000 11:22 PM
To:
plug-discuss@lists.PLUG.phoenix.az.us
Subject: How to detect what process is making a connection?
I got my dad using a linux gateway to ppp into my system for internet
access.
Well it's dialing out a lot, even when his other computers are turned off.
So I'm wondering how I can log all outgoing packets, or maybe better log
any outgoing packet which causes the ppp connection to become necessary.
(I'm using the new demand dialing feature built into pppd) Any ideas how
to do that?
Then after I figure out what is doing it, it would be cool to put in a
sort of restrictive filter so that only certain types of packets can cause
the ppp connection to become active (like, maybe only packets whose
destination is port 80... that should eliminate things like ICQ or AIM that
might be just keeping the connection alive for the heck of it. To them it
will look like the connection is down.)
--
_______ http://www.bigfoot.com/~ecloud
(_ | |_) ecloud@bigfoot.com finger rutledge@cx47646-a.phnx1.az.home.com
__) | | \__________________________________________________________________
Get money for spare CPU cycles at http://www.ProcessTree.com/?sponsor=5903
_______________________________________________
Plug-discuss mailing list -
Plug-discuss@lists.PLUG.phoenix.az.us
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)