RE: can Hopster traffic be blocked?
From: Charles Weidner (Accenture) (v-charlwmicrosoft.com)
Date: Thu Aug 05 2004 - 18:30:24 CDT
If you have a policy in the company that the users should not be able to
install unauthorized software on their machine, why not just not allow
admin access on the individual workstation? This should alleviate the
problem whether or not the workstations in your company are Linux or
From: Pablo Gietz [mailto:pablo.gietznuevobersa.com.ar]
Sent: Thursday, August 05, 2004 8:03 AM
To: Prakash Purushotham
Subject: Re: can Hopster traffic be blocked?
Prakash Purushotham wrote:
> Current setup:
> RH9 all patches current
> iptables set to deny all direct traffic out except to a select few
> squid with acls to allow only http(s)/ftp, more acls to allow access
> Some users have installed hopster and are able to connect to messenger
> servers even if they are not listed under the "chat access" acls.
> The following site has some information on hopster and similar
> I have tried in vain to block traffic using iptables. I tried INPUT
> filter on traffic coming in from port 1863 (for example), under the
> assumption that the messenger server has to reply to hopster requests.
> have tried blocking FORWARDs again, based on source port 1863 on the
> external interface.
> My last resort (administrative) is to invoke the rule that no
> unauthorized software be installed on the systems.
> Any suggestions on how I can block hopster (and other similar socks
> based tunneling applications) from tunnelling out.
I think limiting bandwidth to 3KB or 4KB per connection may help to keep
some of the people from doing big downloads of mp3 video (because they would
prefer to do it at their homes for a faster connection), saving almost all the
bandwidth for business duty.
Pablo A. C. Gietz
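
Added example, not part of any message in this thread: a Python check over squid's native access.log that lists CONNECT requests made to ports other than 443 or held open for a long time, which is where a client tunnelling through the proxy would show up. It assumes the tunnel uses the proxy's CONNECT method (the thread does not say how Hopster connects); the log lines, the port allowlist and the 10-minute threshold are constructed for illustration.

```python
# Constructed sample lines in squid's native access.log format (not real traffic).
SAMPLE_LOG = """\
1091745001.123    210 10.0.0.21 TCP_MISS/200 5120 GET http://www.example.com/ - DIRECT/192.0.2.10 text/html
1091745002.456 905000 10.0.0.37 TCP_MISS/200 48211 CONNECT gateway.example.net:1863 - DIRECT/192.0.2.55 -
1091745003.789   1500 10.0.0.21 TCP_MISS/200 8300 CONNECT shop.example.com:443 - DIRECT/192.0.2.80 -
1091745004.012 1800000 10.0.0.37 TCP_MISS/200 912345 CONNECT 192.0.2.99:443 - DIRECT/192.0.2.99 -
1091745005.345      3 10.0.0.44 TCP_DENIED/403 1400 CONNECT gateway.example.net:1863 - NONE/- text/html
"""

ALLOWED_CONNECT_PORTS = {443}    # assumption: only HTTPS may use CONNECT
LONG_TUNNEL_MS = 10 * 60 * 1000  # assumption: review tunnels open 10 minutes or more


def parse_line(line):
    """Split one native-format line into the fields used below, or return None."""
    f = line.split()
    if len(f) < 7 or not (f[1].isdigit() and f[4].isdigit()):
        return None
    return {"elapsed_ms": int(f[1]), "client": f[2],
            "denied": f[3].startswith("TCP_DENIED"),
            "bytes": int(f[4]), "method": f[5], "target": f[6]}


def review_connects(log_text):
    """Return CONNECT requests that used a non-allowed port or stayed open a long time."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["method"] != "CONNECT":
            continue
        # For CONNECT, squid logs the target as host:port.
        port = rec["target"].rpartition(":")[2]
        reasons = []
        if not port.isdigit() or int(port) not in ALLOWED_CONNECT_PORTS:
            reasons.append("port")
        if rec["elapsed_ms"] >= LONG_TUNNEL_MS:
            reasons.append("duration")
        if reasons:
            findings.append((rec["client"], rec["target"], rec["denied"], reasons))
    return findings


if __name__ == "__main__":
    for client, target, denied, reasons in review_connects(SAMPLE_LOG):
        state = "denied" if denied else "ALLOWED"
        print(f"{client} -> {target} [{state}] flagged on: {', '.join(reasons)}")
```

Entries flagged only on duration reached an allowed port, so a port ACL alone would not have stopped them; those are the ones to follow up per client.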