Forum Replies Created
i’m sorry to read that you are giving up… for the past 2 days i’ve been trying to understand your Network configuration but i’v failed.. maybe a couple of days more…
Sorry to disappoint you, but it won’t be possible to block skype with zeroshell.
Skype is the devil of chat/voip/p2p clients for the IT manager…
It won’t be possible because skype behaves like a virus, it has many algorithms to punch a hole in the firewalls..
* Random port.. if you block all the random ports.. it goes through 80 (HTTP) and if you filter 80.. it can use 443 (HTTPS), so blocking port it can be possible.
* Decentralized root nodes (any one can become a root node) So you cant block specific IP’s… they can change (almost random)
Encrypted packets.. so simple packet inspection is difficult, besides it often changes…
And all that is improved and new techniques are added with new releases…
But.. there is hope… the only one that i know is buying a proper appliance to filter traffic… this specific piece of hardware is specialized to do deep package inspection (zeroshell does this but a basic level L7 Filter, i think is outdated)… and has an specialized team that continuously analyze and update the profiles of the apps so their appliance can block them.
How do I know all this?.. i’ve tried to block skype too
atheling thanks for the quick response and for giving me another way to try to go arround this issue
Fulvio did a great tutorial on setting up ZeroShell with openDNS [url][http://www.zeroshell.net/eng/opendns/][/url] and also thought on how to disable any intent of using another DNS (“Firewall setup to prevent non OpenDNS DNS use”) which worked fine.
I’m using the restrictions for a company environment. Through proxy (black/withe list) and firewall I was able to restrict Messenger, Facebook, and other web contect forbidden by “Company Policy”, but as you know https is harder to block using a proxy, so I thought I can use the OpenDNS method to control that. Mainly I want to prevent the webchats through https.
Of course I belive tha the best method to prevent the internet abuse among co-workers is to educate them… but try to explain that philosophy to your boss.
The good thing is that this is not urgent (yet).
Fulvio Ricciardi knows that you are charging?
I need no-ip.org compatibility.
The link is broke… please upload the package…
😀 thanks fulvioJuly 28, 2011 at 2:44 pm in reply to: do STORAGE and PROFILE menu is refering to the same menu? #51879
I’m not shure… but, have you check the X.509 tab???…