Jumat, 18 Juni 2010

How to block yahoo chat messenger port from cisco router

Considering an approved management policies, there are several ways to block yahoo chat messenger from connecting to internet coming from inside your network, depending on what equipment and boxes you have on ground. If you happen to have an approved global policy to totally block yahoo messenger from any internal systems, you can implement a network-wide blocking of yahoo chat messenger at the router level. But if you happen not to have core routers from your network and your current connection is just being shared and NATted via your linux proxy box, blocking yahoo chat messenger is easy and possible by implementing it proxy-wide or individually per IP using linux proxy and firewall.Firewall comes in many names in linux. With Fedora, the name of the firewall is called iptables by default, a successor long after ipchains reigned with RedHats.If you are going to block yahoo chat messenger or any software from connecting to the web, basically, gathering port numbers and protocols being used by yahoo chat messenger or by that specific software needs to be established and listed out first.

Here are the known yahoo chat messenger (YM) ports whiches blocking from cisco router

router-adsl#
router-adsl#config t
router-adsl(config)#ip access-list extended internet
router-adsl(config-ext-nacl)#
router-adsl(config-ext-nacl)#deny tcp any any eq 5050
router-adsl(config-ext-nacl)#deny tcp any any eq 5000 5010
router-adsl(config-ext-nacl)#deny udp any any eq 5000 5010
router-adsl(config-ext-nacl)#deny tcp any any eq 5100
router-adsl(config-ext-nacl)#deny tcp any any eq 5101
router-adsl(config-ext-nacl)#exit
router-adsl(config)#exit
router-adsl#copy run star

Tidak ada komentar:

Posting Komentar