Blocking messengers - Page 4
Page 4 of 4 FirstFirst ... 234
Results 31 to 35 of 35

Thread: Blocking messengers

  1. #31
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Nebulus: No point in using the IDS to drop both sides of the connection, (Yes Snort will do this if the rule is written to do it and there is also a test facility that allows a message to be sent to the two machines I believe - I gotta look into that in a minute..... ), since the client will assume it is dropped at the firewall and allow the alternative connection to take place.

    I'm gonna take a look at the message thingy, test it and see what it does. The I might add the message part to a rule for these chat proggies that will be received by the offending user telling them to quit or die...... . I'll see if it works and get back to you all.

    Pooh.....

    I use a custom version of snort that does not include flexresp therefore it doesn't recognize the react keyword and fails out on the rule....... Also, this used to send a message to the browser rather than a windows messaging message, (which would be real nice), so it is designed to limit web access more than anything else - shame really... I coulda had a lot of fun with my (L)users......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  2. #32
    Senior Member
    Join Date
    Feb 2002
    Posts
    518
    I simply restrict access to the hosts file, and then add the servers URL to it.
    127.0.0.1 www.aol.com <----- repeat for ALL the aol chat servers.
    quick buddy is another one to block too since its Javabased.
    *shrug* its work, but if your seriously wanting it gone, it works for me.
    the kiddies cant access C:\ so they cant get the hosts file...
    its not the best way in a open machine, but its how I stopped it.
    Remember -
    The ark was built by amatures...
    The Titanic was built by professionals.

  3. #33
    Senior Member
    Join Date
    Feb 2002
    Posts
    518
    I simply restrict access to the hosts file, and then add the servers URL to it.
    127.0.0.1 www.aol.com <----- repeat for ALL the aol chat servers.
    quick buddy is another one to block too since its Javabased.
    *shrug* its work, but if your seriously wanting it gone, it works for me.
    the kiddies cant access C:\ so they cant get the hosts file...
    its not the best way in a open machine, but its how I stopped it.
    Remember -
    The ark was built by amatures...
    The Titanic was built by professionals.

  4. #34
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    I am in the fortunate position of having extremely unsophisticated users and a firewall that is blocking their attempts. I was just going to add a snotty message for my own amusement and edification.....

    As to blocking access to C:...... Wouldn't work in my environment..... Good suggestion for others tho....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  5. #35
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    I am in the fortunate position of having extremely unsophisticated users and a firewall that is blocking their attempts. I was just going to add a snotty message for my own amusement and edification.....

    As to blocking access to C:...... Wouldn't work in my environment..... Good suggestion for others tho....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •