Not to mention that many radio stations have their own services, and don't
go through broadcast.com
Not to mention that there are business based services that use broadcast.com
as well. You take the bad with the good, so to speak.
I keep coming back to the issue of policy and policy enforcement. I don't
believe it is possible to continue to rely upon manual configuration of
access lists to enforce policy. If there is a severe issue, or a good
business reason to limit internet access and usage, then I believe one
should look into third party server based solutions such as web secure.
There are other products as well, but for some reason web secure is the only
one I can remember.
These products have created and maintain policy lists, making it easier to
block pornography, brokerage, radio stations, just about anything you can
imagine. They also allow you to add your own criteria, so that if you have a
researcher who truly does need to listen to the radio or monitor
thestreet.com you can permit that one user to do so while blocking everyone
else. ( handy for currying favor with the boss, I suppose )
What you are suggesting is essentially treating the symptom, and not the
disease. In an ideal world, there would be a written acceptable use policy,
signed by management, and incorporated into the employee handbook. Then the
tech staff would initiate the appropriate fixes based upon that policy.
Everyone should also be aware that app developers, both good and evil, are
now beginning to use protocol tunneling as a means of evading corporate site
and port based policies. It won't be too long before everything comes across
as port 80 traffic, and your port filtering will be useless.
Chuck
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
Kathy Miihalisko
Sent: Friday, January 05, 2001 9:34 AM
To: Kelly D Griffin; beth shriver; [EMAIL PROTECTED]
Subject: RE: blocking broadcast.com ip addresses
P.S.--
Bear in mind that IP addresses are subject to change--if you filter out by
IP alone, you could be chasing them down again next week--not to mention
that broadcast.com is not the only service of its kind out there. You might
find that nailing down the ports to block is more efficient.
Kathy "Katyusha" M.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Kathy Miihalisko
Sent: Friday, January 05, 2001 11:58 AM
To: Kelly D Griffin; beth shriver; [EMAIL PROTECTED]
Subject: RE: blocking broadcast.com ip addresses
Beth,
Put on your hacker hat and run a port scan first -- there are many free ones
for download -- try
http://members.home.com/ultraj/
or browse the Connectivity utilities @ www.davecentral.com for another port
scanner. Determine the ports used by this broadcast service and block them
with an extended ACL.
Kathy "Katyusha" M.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Kelly D Griffin
Sent: Friday, January 05, 2001 9:09 AM
To: beth shriver; [EMAIL PROTECTED]
Subject: Re: blocking broadcast.com ip addresses
The easiest way to block an ip address on your gateway router is to route to
null (i.e. ip route 192.168.1.1 255.255.255.255 Null). You can also compile
an access-list to block out a range of addresses (i.e. deny ip any
192.168.1.0 0.0.0.255).
It is up to you to decide which method is the best. The ACL would be my
preferred method. Easier to maintain than static route statements.
Kelly D Griffin, CCNA
Network Engineer
Kg2 Network Design
http://www.kg2.com
----- Original Message -----
From: "beth shriver" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, January 05, 2001 7:33 AM
Subject: blocking broadcast.com ip addresses
> Can someone tell me how to block traffic from/to
> broadcast.com ??? We have several people who like to
> use their computer as a radio and its bogging us down!
> Help,
> Beth
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Photos - Share your holiday photos online!
> http://photos.yahoo.com/
>
> _________________________________
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
____________________________________________
http://1cis.com
Free E-mail Servers with unlimited mailboxes
1st Class Internet Solutions
_________________________________
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
