Im a newbie in zeroshell,, but i finally could install it and put it in a production envirorment. I need help to block users from my lan to use Skype, my lan is 192.168.10.0. Please show me how to enable and disable acces to skype.
Sorry to disappoint you, but it won’t be possible to block skype with zeroshell.
Skype is the devil of chat/voip/p2p clients for the IT manager…
It won’t be possible because skype behaves like a virus, it has many algorithms to punch a hole in the firewalls..
* Random port.. if you block all the random ports.. it goes through 80 (HTTP) and if you filter 80.. it can use 443 (HTTPS), so blocking port it can be possible.
* Decentralized root nodes (any one can become a root node) So you cant block specific IP’s… they can change (almost random)
Encrypted packets.. so simple packet inspection is difficult, besides it often changes…
And all that is improved and new techniques are added with new releases…
But.. there is hope… the only one that i know is buying a proper appliance to filter traffic… this specific piece of hardware is specialized to do deep package inspection (zeroshell does this but a basic level L7 Filter, i think is outdated)… and has an specialized team that continuously analyze and update the profiles of the apps so their appliance can block them.
How do I know all this?.. i’ve tried to block skype too