LYNX
Мессенджеры блокирую так:
http://blogs.technet.com/rclaus/archive/2005/03/23/401072.aspx
---------- cut from Skype FAQ -------------------
Q: I am a system administrator and I want to block Skype. How can I do that?
You have to inspect the payload of the network (TCP, UDP) traffic. Otherwise, you cannot block Skype.
Please refer to our paper on Skype (v1.4) which explains the login procedure. Use snort or any other packet inspection tool to inspect the network traffic.
At login Skype sends a login message to the login server. The first two messages in that flow are:
Skype LS
0x1603010000 -> (5 bytes)
<- 0x1703010000 (5 bytes)
By blocking all incoming messages who have the signature 0x17030100, Skype is blocked.
Note that the first three bytes of client_key_exchange SSL message are 0x160301 which correspond to:
0x16: the message type is client_key_exchange
03 01: SSL version 3.1
Skype uses the SSL signature header for client to server message exchange. But for server to client message exchange, it uses a non-SSL based header. So by blocking packets that have this header (0x170301), one can effectively block Skype without blocking any other application.
------------------cut from Skype FAQ-------------------------
Мессенджеры блокирую так:
http://blogs.technet.com/rclaus/archive/2005/03/23/401072.aspx
---------- cut from Skype FAQ -------------------
Q: I am a system administrator and I want to block Skype. How can I do that?
You have to inspect the payload of the network (TCP, UDP) traffic. Otherwise, you cannot block Skype.
Please refer to our paper on Skype (v1.4) which explains the login procedure. Use snort or any other packet inspection tool to inspect the network traffic.
At login Skype sends a login message to the login server. The first two messages in that flow are:
Skype LS
0x1603010000 -> (5 bytes)
<- 0x1703010000 (5 bytes)
By blocking all incoming messages who have the signature 0x17030100, Skype is blocked.
Note that the first three bytes of client_key_exchange SSL message are 0x160301 which correspond to:
0x16: the message type is client_key_exchange
03 01: SSL version 3.1
Skype uses the SSL signature header for client to server message exchange. But for server to client message exchange, it uses a non-SSL based header. So by blocking packets that have this header (0x170301), one can effectively block Skype without blocking any other application.
------------------cut from Skype FAQ-------------------------