nixCraft
Linux / UNIX Tech Support Forum
How to Block Ultrasurf
This is a discussion on How to Block Ultrasurf within the Linux software forums, part of the Linux Getting Started category; How to Block Ultrasurf from linux server? this is complete info what is ultrasurf ÎÞ½çÍøÂç http://www.wujie.net/downloads/ultrasurf/u.zip Thanks...
|
|||||||
| Linux software General questions and discussion about Redhat/Fedora Core/Cent OS, Debian and Ubuntu Linux related to softwares should go here. |
 |
|
|
LinkBack | Thread Tools | Display Modes |
17-11-2007, 05:49 AM
|
|||
|
|||
How to Block Ultrasurf
How to Block Ultrasurf from linux server?
this is complete info what is ultrasurf ÎÞ½çÍøÂç http://www.wujie.net/downloads/ultrasurf/u.zip Thanks 
|
| Sponsored Links | ||
|
|
|
20-11-2007, 06:47 AM
|
|||
|
|||
|
no one have used this software?
So what exactly it is?? It is the flagship software product from UltraReach Internet Corp. for Internet anti-censorship. It enables users inside countries with heavy Internet censorship to visit any public web sites in the world safely and freely. it enables users to browse any website freely just the same as using the regular IE browser while it automatically searches the highest speed proxy servers in the background. Learn More Until now i still wait respond to solved this problem
|
|
20-11-2007, 09:59 AM
|
||||
|
||||
|
Block ÎÞ½çÍøÂç ip address 67.15.183.30 at firewall or use squid ACL, if you know the port number for the software block that too
|
|
21-11-2007, 10:17 AM
|
|||
|
|||
|
hi monk i have try your suggestions block that ip, port (9666) and its domain but no luck
Last edited by laluvirtual; 21-11-2007 at 10:25 AM.
|
|
21-11-2007, 10:55 AM
|
||||
|
||||
|
How did you blocked port using iptables or sqiud? Are you sure clients are using your proxy?
__________________
Vivek Gite Linux Evangelist  Be proud RHEL user, and let the world know about your enterprise choices! Join RedHat user group. Always use CODE tags for posting system output and commands! Do you run a Linux? Let's face it, you need help
|
|
22-11-2007, 05:59 AM
|
|||
|
|||
|
I tried both. this is using iptables
Code:
*mangle :PREROUTING ACCEPT [192.168.1.0:24] :OUTPUT ACCEPT [0:0] -A PREROUTING -p tcp --dport 22 -j TOS --set-tos 0x10 COMMIT *filter :INPUT ACCEPT [32296:2595574] :FORWARD ACCEPT [327:113979] :OUTPUT ACCEPT [42157:3445894] #firewall -P FORWARD DROP -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP -A FORWARD -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP -A FORWARD -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP -A INPUT -p icmp -m state --state NEW,ESTABLISHED,RELATED --icmp-type echo-request -m limit --limit 1/s -j ACCEPT # Block MAC #suspect #-A INPUT -m mac --mac-source 00:0E:7B:C9:13:0B -j DROP #Block IP #UltraSurf -A INPUT -s 67.15.183.30 -j DROP -A FORWARD -s 67.15.183.30 -j DROP -A OUTPUT -s 67.15.183.30 -j DROP -A INPUT -p tcp -m tcp --dport 9666 -j DROP -A FORWARD -p tcp -m tcp --dport 9666 -j DROP -A OUTPUT -p tcp -m tcp --dport 9666 -j DROP :INPUT ACCEPT [192.168.1.0:24] :FORWARD ACCEPT [192.168.1.0:24] :OUTPUT ACCEPT [0:0] #-A INPUT -p tcp -m tcp --dport 10000 -j DROP -A INPUT -i eth0 -j ACCEPT -A FORWARD -i eth0 -j ACCEPT COMMIT # Completed on Wed Jun 21 12:35:13 2006 # Generated by iptables-save v1.2.3 on Wed Jun 21 12:35:13 2006 *nat :PREROUTING ACCEPT [8009433:454311769] :POSTROUTING ACCEPT [1529638:95155672] :OUTPUT ACCEPT [1273134:83856339] -A PREROUTING -s 192.168.1.0/255.255.255.0 -p tcp -m tcp --dport 80 -j DNAT --to-destination xxx.xxx.xxx.xxx:port -A POSTROUTING -s 192.168.1.0/255.255.255.0 -o eth0 -j MASQUERADE COMMIT and this one using squid Code:
acl porn1 dstdomain "/etc/squid/data_porn.txt" .ultra* .wujie.net yes i sure that my user using proxy (transparent), all site that i put at data_porn.txt can't be access. this is an example Code:
ERROR The requested URL could not be retrieved While trying to retrieve the URL: sex.com The following error was encountered:
I really need your help nixcraft Thank you Last edited by laluvirtual; 23-11-2007 at 08:34 AM.
|
|
24-11-2007, 10:59 AM
|
||||
|
||||
|
Are you sure this software only uses 9666 port? If so block it using /etc/sysconfig/iptables add 9666 as drop rule.
|
|
24-11-2007, 06:01 PM
|
|||
|
|||
|
yes i'm sure. did u see my iptables script above that block port 9666.
hi monk can you download the software and test it on your computer so that u know thw truth please? Thank you
|
|
28-11-2007, 05:21 AM
|
|||
|
|||
|
halo any body tried this case?
|
|
15-06-2008, 04:21 PM
|
|||
|
|||
|
Ultra Surf Fix
Quote:
Unfortunatley the port un UltraSurf is 9666 on localhost, and the software is using this as a proxy it is injecting into the IE on the fly. This equates to a website called http://Ultra1 One way of controlling the program, I have found so far, is to place ultra1 in the Restricted Zone in Internet Options / Security / Restricted Sites of IE. Go to Custom Level and set all items to Disable or High Safety except Popup Blocker. The program appears to make a lot of DNS calls to find the servers it is using. Blocking the servers it talks to may be another way, but it is not using port 80 or whatever your proxy server is. Tony S
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) |
|
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| How to Block Spam Mails in Sendmail | ppnair | Mail Servers | 3 | 28-08-2008 12:06 AM |
| Bad Superblock At Block : Magic Number Wrong | Ashish Pathak | Solaris/OpenSolaris | 2 | 18-10-2007 08:11 PM |
| Iptables block ip address | raj | Getting started tutorials | 0 | 05-05-2007 01:01 AM |
| How to block gtalk messenger through squid | bubloob_13 | Linux software | 0 | 16-04-2007 11:59 AM |
| How to block sites in Squid | joproz | Linux software | 2 | 18-11-2006 05:00 PM |
All times are GMT +5.5. The time now is 04:45 PM.
