On Sun, 18 Mar 2001, Paolo Carballo wrote:
> Hello guys,
> I was asked to help our network engineers iron out the rough edges in our
> newly installed proxy server. We're using RH 6.2 and squid 2.xx. We want to
> block access to JobsDB, JobStreet, Hotmail, ICQ, Yahoo Messenger, and MSN
> Messenger before deployment.
> Would it be better to use the ports for the last three or would blocking
> the websites do just fine? If the former - does anyone have a list of ports
> I can copy?
> Also, a week ago they were configuring ipchains and complained that
> blocking and/or limiting access to the M$ sites like hotmail and msn was
> just too much of a hassle because these sites had several ip addresses.
> Since the firewall is already deployed, I think they opted to tinker with
> squid instead just to block the sites.
> I'm just curious, isn't it easier to block all these using ipchains? They
> explained to me that ICQ, MSN and Yahoo Messenger accessed their websites
> to provide those services so blocking the websites would also work. Is this
> recommended?
You can:
use squid ACLs to block particular URLs (howto use is in the squid.conf
file)
use junkbuster (http://www.junkbuster.com) which is more flexible because
you can actually put regular expressions as names of the sites you want to
block.
>
> Feel free to correct me.
> Many TIA!
>
>
> Paolo Carballo
>
> = http://www.mydestiny.net/~jplc/ GnuPG 1.0.4 KeyID 1EAD657C
> = Linux *is* stable. It runs Windows and DOS without a single shutdown.
> _
> Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
> To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
>
> To subscribe to the Linux Newbies' List: send "subscribe" in the body to
>[EMAIL PROTECTED]
>
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
