Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

NEED WOW help!

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Talk About It
View previous topic :: View next topic  
Author Message
YUGWEN
Warrior


Joined: 17 Jun 2004
Last Visit: 23 Apr 2007
Posts: 121
Location: Oregon

PostPosted: Wed Sep 06, 2006 11:50 am    Post subject: NEED WOW help! Reply with quote

Hello all, I need some help with World of Warcraft! The help I need is I am trying to configure our company firewall to block access to the WOW servers, forums, chat sites, etc. at our gateway to keep employees WORKING instead of wasting time... I have the IP address of the forums server, the ports that WOW uses, etc. but I am not sure I have them all, and I can't figure out where to put them in the firewall. I have successfully made a protocol to block the main WOW port, but the rest is over my head Rolling Eyes

I am hoping the offending employees will get the hint because they are capable of bypassing the changes I want to make. It will only help to have those ports and IPs blocked since there is no reason at all for our business to have them active anyway.

Thanks in advance!
_________________
Absorb what is useful
Back to top
View user's profile Send private message
ld
Warrior


Joined: 01 Mar 2005
Last Visit: 29 Jul 2010
Posts: 185

PostPosted: Wed Sep 06, 2006 6:00 pm    Post subject: Reply with quote

What brand of firewall is this? This well let us know what it is capable of if we are familiar with it allow us to give some detail in how to configure it.

Instead of having an allow all policy and playing cat and mouse trying to block things people shouldn't use why not do the reverse. Decide what people do need like web surfing (tcp 80 and 443) and allow those and deny everything else. You need a firewall capable of this though. Then likely you need to let servers have full access and maybe an owner or few employees. What I do is give these people static IP's and have firewall rules that let those IPs have unrestricted access. This can be easily accomplished with a Linux or *BSD box with two NIC cards. If you take it to the next step and want to restrict websites then you just need to install and configure squid on the box. It is fairly easy to do with a PIX using object-groups too. I am sure some the other popular soho firewalls with the web interfaces can do it too but stuff like that is usually not so straightforward on those and can be tedious.
Back to top
View user's profile Send private message
Doug Taylor
Warrior


Joined: 04 Jun 2004
Last Visit: 27 Nov 2010
Posts: 127
Location: Sonoma County California

PostPosted: Fri Sep 15, 2006 11:51 pm    Post subject: Reply with quote

Hi YUGWEN,

Reverse engineering http://francessa0.tripod.com/id5.html might help. Blocking assess to TCP ports 3724, 6112, and 6881 thru 6999 might help also. I had to grant access to those ports for my son to play it.

With our Lordís blessings take care,

Doug
Back to top
View user's profile Send private message
logicman_alf
Junior Member


Joined: 21 Jul 2006
Last Visit: 14 Jun 2008
Posts: 12
Location: London

PostPosted: Sat Sep 16, 2006 12:11 am    Post subject: Reply with quote

Hi!

Apart from firewall setup, I find that many people, even trained IT staff, have never heard of a hosts file.
Those who have, think of it as a means of speeding up web access.

That is why, if installed on all workstations as a matter of policy, it can be extremely effective to use a hosts file as a blacklist.

I would expect most Warriors to know this already, but for anyone passing through, and as an easily overlooked adjunct to a security policy, here's some info about hosts files:
http://www.mvps.org/winhelp2002/hosts.htm

By the way, that windows hosts file will work equally well with linux.

Just passing through.
Have a really great day!
Patrick.
Back to top
View user's profile Send private message
ld
Warrior


Joined: 01 Mar 2005
Last Visit: 29 Jul 2010
Posts: 185

PostPosted: Sun Sep 17, 2006 6:04 pm    Post subject: Reply with quote

logicman_alf wrote:
Hi!

Apart from firewall setup, I find that many people, even trained IT staff, have never heard of a hosts file.
Those who have, think of it as a means of speeding up web access.

That is why, if installed on all workstations as a matter of policy, it can be extremely effective to use a hosts file as a blacklist.

I would expect most Warriors to know this already, but for anyone passing through, and as an easily overlooked adjunct to a security policy, here's some info about hosts files:
http://www.mvps.org/winhelp2002/hosts.htm

By the way, that windows hosts file will work equally well with linux.

Just passing through.
Have a really great day!
Patrick.


Managing the host file on everyworkstation even in a small office can be a nightmeare. With windows 2000 server and up the workstations DNS needs to be set the IP of the server for active directory to work properly. In this setup you can make bogus A records on your DNS server to block sites.

Messing with DNS would not be my preferred method for restricting access to web sites. I suppose if an office didn't have a firewall capable of doing it and was extremely cheap it is an option.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Talk About It All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group