On Wednesday, September 03, 2003 6:09 PM [GMT+0800=SGT], Shuvam Misra <[EMAIL PROTECTED]> wrote:
> On Fri, 29 Aug 2003, Sanjeev "Ghane" Gupta wrote: >> Either you own the network, in which case you can set, and >> enforce, an "Acceptable Use Policy", or you don't, and you >> shouldn't be interfering with traffic. > > As we all (including you, sir) know, this Controlling by Fiat > works only with certain kinds of users or environments. Whether > the user will listen to you depends on what the user believes > will happen to _him_ if he is found disobeying your fiat. My "fiat" is based on the "Carrot & Stick" concept, the carrot being I let the user livi in peace. Luckily, perhaps, in my last 3 jobs I have managed to have good relations with the CEO, and by ensuring that Tech Policies are _signed and issued_ by him, I ensure his backing for when I hit the user. At that point, the user has not broken *my* Policy, but the CEO's. > Coming to these messenger things, some of them can be blocked by > blocking the protocol. If I remember correctly, guys in our > team have done it at certain client sites in the past. I > believe Yahoo Messenger is harder to block because it runs on > HTTP, and looks indistinguishable from other HTTP traffic. This > information is a few years old, though. > > I remember one major corporate network which was complaining > that "Web browsing is terribly slow." We looked. And we found > Yahoo Messenger. We also found that the damn Messenger client > actually _polls_ the server at a steady frequency, even when no > new information is present... it's purely a server-side HTTP > based implementation, with the client initiating a query each > time. This made Yahoo Messenger the only one which could work > through most corporate firewalls (everyone allows HTTP) but > also the most inefficient IM service in terms of bandwidth > utilisation. Yahoo works in different ways, but will fall back to HTTPS if all else fails. HTTP may not be good enough, if your proxy is smart enough. But HTTPS is a direct connect. -- Sanjeev _______________________________________________ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd