[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] How to block MSN using SuSEfirewall2?
On Saturday 21 February 2004 19:34, Ray Leach wrote:
> > No, I'm saying because MSN Chat is able to work via a proxy AFAIK,
> > security wise it is probably a better solution than using masquerading of
> > the internal network and firewalling the ports in question.
> Except that MSN Messenger is a crafty little piece of cr#p. It uses UPnP
> (initially on TCP port 1863) to try and find a way through the firewall
> and bypass the squid proxy.
If you don't have a router between internal and external networks (only allow
connections through proxies), MSN Chat will HAVE to use the Squid proxy. As
far as I know SuSE doesn't even ship a UPnP aware firewall (if any exists for
Linux at all), so the risk that it manages to punch a hole in your precious
firewall is virtually non-existant.
It may try to bypass the proxy, but it will most certainly fail doing so.
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here