-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 kl wrote:
Fajar Priyanto wrote:
On Tuesday 23 October 2007 12:05:33 kl wrote:
My client is running an openSUSE 10.3 gateway server with Squid and fetchmail/postfix/maildrop/qpopper. He wants to restrict Internet HTTP access to servers on an allowed list and no direct access to external mail.
Is there any way I can stop the uncontrolled use of Skype or other messengers from the Windows workstations?
I'm afraid this would not work - Skype does not necessarily use port 443 Skype will use any available port it finds, even port 80 which I obviously cannot block.
Why shouldn't you? As you are already running Squid, you could set it up as (transparent) proxy and block all direct access to port 80. You would have to anyway to accomplish the allowed list requirement of your client. So just block _any_ direct outside access, use Squid as transparent proxy and implement the allowed list and the Skype problem should be solved automagically. Regards, Stefan Seifert -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFHHaop1QuEJQQMVrgRAm7rAJ4hP/EUD/Dt6P2AAxjPzjbWNzP1mgCfVLhU cSYe+oZbhGt8rc0SscgSq24= =g2hd -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org