Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » How to block Skype, Friendster, ICQ???
  •  
fion

Messages: 6
Karma: 0
Send a private message to this user
I have just managed to block msn messenger via traffic policy. Anyway to block Skype, Friendster, ICQ as well via traffic policy? Thanks for the reply.

fion
  •  
xpinx2pin

Messages: 2
Karma: 0
Send a private message to this user
i think u can add at http policy - url rules

*friendster.com*

  •  
an2ny79

Messages: 109
Karma: 2
Send a private message to this user
Unfortunately, there's no possible way to block Skype using KWF (there is, block all traffic Laughing ) because skype uses different ports, HTTP, HTTPS... Well, how I wish Kerio figure out a way how.

For ICQ, go to Traffic policy and block ICQ (5190) port. Just don't forget that traffic rule is using hierarchical way.

Advance Merry Xmas...
  •  
geabaldyvx

Messages: 39
Karma: 0
Send a private message to this user
You can't block Skype as a service but you can deny travel to it's servers. Simply add them as a Forbidden destination OR... add them to your local host file as a 127.0.0.1 so that the DNS call never gets translated into the actual server address..
  •  
an2ny79

Messages: 109
Karma: 2
Send a private message to this user
Unfortunately, that won't do the trick.

Unlike YM, skype has many authenticating servers (I think, every user's machine is authenticating server as well). I managed to block YM by bloking the login / authenticating server address. In regards of Skype, there could be hundreds or thousands of them.. Remember that skype is P2P (no central server, well there is, but there's also alternatives if it failed).

I spent all night gathering all IPs that skype is calling and I already gathered 200+ IPs, and still skype is connecting (via HTTPS).

I think, the only way to block Skype is limit user's outgoing port (allow only FTP, HTTP, DNS, Telnet, Email ports) then filter HTTP (URL rules).. Unfortunately, forbidding HTTPS isn't good idea at all. As this will drop legit sites which use this kind of port.

[Updated on: Fri, 05 January 2007 09:14]

Previous Topic: Hardware/Software recommendations for KWF
Next Topic: Yahoo! Mail Not Working
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Tue Nov 21 14:56:22 CET 2017

Total time taken to generate the page: 0.00630 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.