That all sounds great, but in these cases the management just looks back at me and says "block it." They don't understand when I say I can't. :) They all happily sign off on policy and will go after the abusers, but they want some basic protection in there. I am working on some layered approach here using Group Policy on my XP workstations to block the executables from even running, but even that takes diligence to keep up with versions, etc. I've looked at some apps that claim to filter it, but they are not even remotely cheap. I'll keep the eyes out for a free solution.
Chris Green -----Original Message----- From: David Morris [mailto:[EMAIL PROTECTED] Sent: Monday, November 03, 2003 12:15 PM Cc: GnatBox Users Group Subject: Re: [gb-users] Blocking P2P Networks, spyware, etc Chris, A recent Linux Journal (sorry, not here so I can't check, but max 3 old) had an indepth article on setting up a 'filter' to deal with the problem. I'd recommend the article just so you can understand the scope and perversity of the problem. Given the moving target nature of the problem, i.e., win a battle but the war goes on, I don't think I'd want my primary firewall changing at the rate it would have to change to keep up so if I had the problem, I'd try and use a layered approach using the GNATBOX to protect the network and forcing most outbound traffic thru the p2p filter. I would also endorse the adinistrative approach mentioned by someone. Work with your direct management to forumlate a revised AUP for your network, gather statistical data to so you can present the decision makers valid cost data and realistic estimates of productivity impact. Get your legal folks to collaborate if you have an inhouse lawyer so that you have a valid risk acessment. Then get the appropriate upper level management to either endorse and enforce the new AUP or accept the increased expenses associated with providing acceptable network services while allowing p2p usage. Dave Morris On Mon, 3 Nov 2003, Chris Green wrote: > I'm looking for a standard set of rules/filters to enable for all of my > customers to help block all of these applications. Does anyone have a > methodology that has been effective to do this? Does anyone have a list of > IP addresses we can block access to that will help? Will a content > filtering subscription successfully block these, or only help prevent > download of the apps? ------------------------------------------------------ To unsubscribe: [EMAIL PROTECTED] For additional commands: [EMAIL PROTECTED] Archive: http://archives.gnatbox.com/gb-users/ ------------------------------------------------------ To unsubscribe: [EMAIL PROTECTED] For additional commands: [EMAIL PROTECTED] Archive: http://archives.gnatbox.com/gb-users/
