Date: Mon, 11 Sep 2006 14:22:26 +0200 From: "Rudi Kramer" <rkramer@mweb.com> To: <freebsd-pf@freebsd.org> Subject: RE: Block Skype with PF Message-ID: <39DC135F7F0571489196E0B6F5D58B4A01B26FE2@MWBEXCH.mweb.com> In-Reply-To: <39DC135F7F0571489196E0B6F5D58B4A01B26FDF@MWBEXCH.mweb.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hey Greg, I found this article which should help a bit. http://www.net- security.org/dl/articles/Blocking_Skype.pdf#search=3D%22net%20squid%20sky= p e%20blocking%22 =20 Rudi -----Original Message----- From: owner-freebsd-pf@freebsd.org [mailto:owner-freebsd-pf@freebsd.org] On Behalf Of Greg Armer Sent: 11 September 2006 01:35 PM To: freebsd-pf@freebsd.org Subject: Block Skype with PF Good day list, I was just wondering if any of you have a running 'receipe' using PF that can block Skype. What I have found out is the following: - Skype picks a random port to use when it is installed - It can switch over to port 80 / 443 if a firewall is too restrictive - It appears UDP ports above 1024 are used aswell So what I was thinking of doing is blocking all outgoing UDP above port 1024, and trying to identify and block the port 80 / 442 traffic with=20 squid and a transparent proxy. Does anyone have any better solutions to this which do not involve expensive layer 7 inspection hardware ? Many thanks for your comments / ideas. Regards, -- Greg Armer _______________________________________________ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-pf To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39DC135F7F0571489196E0B6F5D58B4A01B26FE2>