[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RE: [K12OSN] Instant Messanger



If AOL didn't change its IP addresses all the time, I would agree.  Unfortunately for us, they have and do rather often, I'm guessing to get around folks who block by IP adrs. 

The other way, I suppose, to do it is to have an internal DNS server (assumes you have split DNS) and make it authoritative for the aol.com domain.  Then you can do what you want to that domain--black hole parts of it, whatever.  Of course, then that means that if <anythingelse>.aol.com ever changes *its* IP address, then you've got to manage all that, too.

It was simply easier for me to do it with our existing route policies, since we already needed to block Code Red and Nimda.

BTW, what's tc?

--TP

On Thu, 2003-10-02 at 06:29, Steve Wright wrote:
On Thu, 2003-10-02 at 11:45, Terrell Prude', Jr. wrote:
> We're filtering on two things: 
> 
> login.oscar.aol.com 
> *messaging.aol.com 
> 
> It's a bit of a "backdoor" way to do it.  Remember that the AOL
> clients need to look up DNS, specifically, login.oscar.aol.com.  We
> also do *messaging.aol.com just to be sure.  Well, if they can't find
> their server, they can't log in, no matter what TCP or UDP port they
> will eventually try to communicate on, be it port 80, 21, 20994,
> whatever.  The conversation won't even be able to begin! 
> MUAHAHAHAHA!!!!!!!! 


8-)  this will require no TC filtering at all.  Simply block these IPs
with iptables or do some other mean trick to their DNS.

I'm no DNS or iptables guru - iproute2 + tc is my specialty.


/steve



_______________________________________________
K12OSN mailing list
K12OSN redhat com
https://www.redhat.com/mailman/listinfo/k12osn
For more info see <http://www.k12os.org>

Do you Slack!?
Slackware GNU/Linux - Free, easy-to-trust web site server software

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]