On 3 Apr 2001, at 16:04, Edward Ingram wrote:
> In our company, we have about 40-50 users...
> many who run apps like AIM, ICQ, IRC, as well
> as lots of proprietary company software that
> requires the use of non registered ports. Since
> we don't really have a policy on users running
> messenger apps and such, and I really could
> care less right now, would it be safe to have
> an initial rule that allows all inside connections
> to the outside and to allow all established
> connections back in? That would save a lot
> of trouble vs. specifically allowing certain ports
> out and blocking everything else.
I'd suggest blocking Napster and other music sharing
services. Besides the potential problems that could
exist from running software that has never undergone
any kind of review to make sure that it does not pose
a security threat, there are other factors, too:
1) Bandwidth - Napster by itself can use an unbelievable
amount of bandwidth. There was a newspaper article
the other day that said Napster has accounted for as
much as 30% (IIRC) of all traffic at Texas A&M. My
nephew that lives with me uses it from the house and
it's use of bandwidth can make it difficult for me to even
check my e-mail. (Sometimes when I get aggravated
enough, I block Napster for anything from a few hours
to a month or more.)
2) Legal ramifications - If someone is sharing mp3s
from their company owned office machines (and maybe
from file and other servers), they could be making the
company legally responsible for all those copyright
violations. With most individual users, about all the
music companies can do is threaten lawsuits if they
don't stop their illegal activity. But with a company
with a greater potential to pay damages, they might
be able to do a lot more.
Eric Johnson
--------------------
[EMAIL PROTECTED]
[EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
