RE: How to block MSN, and others. [7:31057]
Here is a clip from the newest TechRepublic newsletter. In order to read the whole article, I think you need to be registered. But it is a decent site so it might be worth it to you. article starts here::: Instant messaging threatens enterprise security It#8217;s no surprise that instant messaging (IM) is gaining in popularity. The often-free communication feature lets people interact instantly, make decisions on the fly, and provide immediate contact, as opposed to the delays that can occur when using e-mail. (this is the point I was trying to make about personal use vs. corporation use. Different rules apply for each) But what may be surprising, especially to today#8217;s IT leaders, are the serious security issues posed by IM usage. Add that to the fact that most IM applications are used without corporate IT#8217;s knowledge or approval, and it#8217;s not a pretty picture for network security. :::article continues on::: http://www.techrepublic.com/article_guest.jhtmlid=r00520011218sss01.htmfromtm=e101-3 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31852t=31057 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to block MSN, and others. [7:31057]
Chuck wrote, Let he who has never done something stupid while learning this stuff cast the first stone ;- People who live in optical networks shouldn't cast stones. Further, executives of optical networking firms should only order VIP furniture when it is actually needed, rather than store it on upper floors. For, it is written, people who live in glass houses shouldn't store thrones. [Apologies in advance to those who are not native English speakers, and possibly to those who are.] Brian Whalen wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... How inept does a netadmin have to be to block his own servers. If Im that guys boss, he is so fired.. Brian Sonic Whalen Success = Preparation + Opportunity On Mon, 7 Jan 2002, John Allhiser wrote: This discussion reminds me of a popular quote I see all the time on another forum: There are seldom good technological solutions to behavioral problems. --attributed to Ed Crowley, Compaq Technical Consultant A friend of mine worked for a company that had a problem with a certain spammer. They blocked the IP address of the offending emailer at the gateway, and to their utter astonishment, the pernicious perpetrator changed its IP. The spam continued to flow. Eventually, after about 9 IPs were entered into the deny access-list, the legitmate email started having problems (the spammer seemed to have been stopped).+ Long story, short: The spammer was using the company's ISP's mail relay host addresses. By shutting down those IPs, they effectively shut down their Intenet mail service. --John -Original Message- From: Gaz [mailto:[EMAIL PROTECTED]] Sent: Sunday, January 06, 2002 1:56 PM To: [EMAIL PROTECTED] Subject: Re: How to block MSN, and others. [7:31057] I suppose it comes down to they type of company/employees. I'm more used to companies that leave things fairly open for employees, and demand (rather than expect) that the employee be responsible with it. Employees will understand that monitoring needs to be done at times and offenders be dealt with. Firm and fair sometimes works better than beat me if you can. Not always though, so admittedly it's horses for courses. Gaz Mike Sweeney wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Let me put something into perspective here. It was said earlier about why give access then block it. Why indeed... the why is for BUSINESS reasons.. not day trading, not stock tickers, not chatting for hours(documented) with friends at the expense of work, viruses coming in on Hotmail attachments that bypass the clamped down exchange server and so on. The internet is given to employees for business reasons with the expectation that the employee will be responsible with it. Will there be personal use.. of course.. just like the phone. Why limit certain things? gee.. the company pays for a T1, they have 4,000 users, 100 decide to watch a Victoria Secret webcast at 300Kbps.. see the problem? This not theorical.. this really happened to one of my clients and the webcastusers/readaudio users managed to max out the T during working hours. The courts have already decided for good or bad that email is company property and they can do what they wish with it. I would imagine that web access falls under the same rules as it's a company building, desk, PC(or Mac), servers, connection and so on. My opinion MikeS Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31271t=31057 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to block MSN, and others. [7:31057]
This discussion reminds me of a popular quote I see all the time on another forum: There are seldom good technological solutions to behavioral problems. --attributed to Ed Crowley, Compaq Technical Consultant A friend of mine worked for a company that had a problem with a certain spammer. They blocked the IP address of the offending emailer at the gateway, and to their utter astonishment, the pernicious perpetrator changed its IP. The spam continued to flow. Eventually, after about 9 IPs were entered into the deny access-list, the legitmate email started having problems (the spammer seemed to have been stopped).+ Long story, short: The spammer was using the company's ISP's mail relay host addresses. By shutting down those IPs, they effectively shut down their Intenet mail service. --John -Original Message- From: Gaz [mailto:[EMAIL PROTECTED]] Sent: Sunday, January 06, 2002 1:56 PM To: [EMAIL PROTECTED] Subject: Re: How to block MSN, and others. [7:31057] I suppose it comes down to they type of company/employees. I'm more used to companies that leave things fairly open for employees, and demand (rather than expect) that the employee be responsible with it. Employees will understand that monitoring needs to be done at times and offenders be dealt with. Firm and fair sometimes works better than beat me if you can. Not always though, so admittedly it's horses for courses. Gaz Mike Sweeney wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Let me put something into perspective here. It was said earlier about why give access then block it. Why indeed... the why is for BUSINESS reasons.. not day trading, not stock tickers, not chatting for hours(documented) with friends at the expense of work, viruses coming in on Hotmail attachments that bypass the clamped down exchange server and so on. The internet is given to employees for business reasons with the expectation that the employee will be responsible with it. Will there be personal use.. of course.. just like the phone. Why limit certain things? gee.. the company pays for a T1, they have 4,000 users, 100 decide to watch a Victoria Secret webcast at 300Kbps.. see the problem? This not theorical.. this really happened to one of my clients and the webcastusers/readaudio users managed to max out the T during working hours. The courts have already decided for good or bad that email is company property and they can do what they wish with it. I would imagine that web access falls under the same rules as it's a company building, desk, PC(or Mac), servers, connection and so on. My opinion MikeS Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31155t=31057 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to block MSN, and others. [7:31057]
How inept does a netadmin have to be to block his own servers. If Im that guys boss, he is so fired.. Brian Sonic Whalen Success = Preparation + Opportunity On Mon, 7 Jan 2002, John Allhiser wrote: This discussion reminds me of a popular quote I see all the time on another forum: There are seldom good technological solutions to behavioral problems. --attributed to Ed Crowley, Compaq Technical Consultant A friend of mine worked for a company that had a problem with a certain spammer. They blocked the IP address of the offending emailer at the gateway, and to their utter astonishment, the pernicious perpetrator changed its IP. The spam continued to flow. Eventually, after about 9 IPs were entered into the deny access-list, the legitmate email started having problems (the spammer seemed to have been stopped).+ Long story, short: The spammer was using the company's ISP's mail relay host addresses. By shutting down those IPs, they effectively shut down their Intenet mail service. --John -Original Message- From: Gaz [mailto:[EMAIL PROTECTED]] Sent: Sunday, January 06, 2002 1:56 PM To: [EMAIL PROTECTED] Subject: Re: How to block MSN, and others. [7:31057] I suppose it comes down to they type of company/employees. I'm more used to companies that leave things fairly open for employees, and demand (rather than expect) that the employee be responsible with it. Employees will understand that monitoring needs to be done at times and offenders be dealt with. Firm and fair sometimes works better than beat me if you can. Not always though, so admittedly it's horses for courses. Gaz Mike Sweeney wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Let me put something into perspective here. It was said earlier about why give access then block it. Why indeed... the why is for BUSINESS reasons.. not day trading, not stock tickers, not chatting for hours(documented) with friends at the expense of work, viruses coming in on Hotmail attachments that bypass the clamped down exchange server and so on. The internet is given to employees for business reasons with the expectation that the employee will be responsible with it. Will there be personal use.. of course.. just like the phone. Why limit certain things? gee.. the company pays for a T1, they have 4,000 users, 100 decide to watch a Victoria Secret webcast at 300Kbps.. see the problem? This not theorical.. this really happened to one of my clients and the webcastusers/readaudio users managed to max out the T during working hours. The courts have already decided for good or bad that email is company property and they can do what they wish with it. I would imagine that web access falls under the same rules as it's a company building, desk, PC(or Mac), servers, connection and so on. My opinion MikeS Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31237t=31057 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to block MSN, and others. [7:31057]
Let he who has never done something stupid while learning this stuff cast the first stone ;- Brian Whalen wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... How inept does a netadmin have to be to block his own servers. If Im that guys boss, he is so fired.. Brian Sonic Whalen Success = Preparation + Opportunity On Mon, 7 Jan 2002, John Allhiser wrote: This discussion reminds me of a popular quote I see all the time on another forum: There are seldom good technological solutions to behavioral problems. --attributed to Ed Crowley, Compaq Technical Consultant A friend of mine worked for a company that had a problem with a certain spammer. They blocked the IP address of the offending emailer at the gateway, and to their utter astonishment, the pernicious perpetrator changed its IP. The spam continued to flow. Eventually, after about 9 IPs were entered into the deny access-list, the legitmate email started having problems (the spammer seemed to have been stopped).+ Long story, short: The spammer was using the company's ISP's mail relay host addresses. By shutting down those IPs, they effectively shut down their Intenet mail service. --John -Original Message- From: Gaz [mailto:[EMAIL PROTECTED]] Sent: Sunday, January 06, 2002 1:56 PM To: [EMAIL PROTECTED] Subject: Re: How to block MSN, and others. [7:31057] I suppose it comes down to they type of company/employees. I'm more used to companies that leave things fairly open for employees, and demand (rather than expect) that the employee be responsible with it. Employees will understand that monitoring needs to be done at times and offenders be dealt with. Firm and fair sometimes works better than beat me if you can. Not always though, so admittedly it's horses for courses. Gaz Mike Sweeney wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Let me put something into perspective here. It was said earlier about why give access then block it. Why indeed... the why is for BUSINESS reasons.. not day trading, not stock tickers, not chatting for hours(documented) with friends at the expense of work, viruses coming in on Hotmail attachments that bypass the clamped down exchange server and so on. The internet is given to employees for business reasons with the expectation that the employee will be responsible with it. Will there be personal use.. of course.. just like the phone. Why limit certain things? gee.. the company pays for a T1, they have 4,000 users, 100 decide to watch a Victoria Secret webcast at 300Kbps.. see the problem? This not theorical.. this really happened to one of my clients and the webcastusers/readaudio users managed to max out the T during working hours. The courts have already decided for good or bad that email is company property and they can do what they wish with it. I would imagine that web access falls under the same rules as it's a company building, desk, PC(or Mac), servers, connection and so on. My opinion MikeS Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31244t=31057 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to block MSN, and others. [7:31057]
Excellent information. Does anyone else have tibits like this? I've seen bits and pieces floating around on things to watch for regarding bad apps and ports. We had an issue with a 3rd party company(now a dot-bomb) who provided firewalling and virus scanning. We got them to block real audio but could not get them to block MS's media player. The claim was it was using port 80 just like anything other web traffic. I left before I could work this issue and I've wondered since then how true it was? MikeS Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31059t=31057 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: How to block MSN, and others. [7:31057]
We might as well block all class A, B, and C addresses and kill all the birds all together. What is the purpose of giving users access to the Internet when you will be blocking even the hotmail for them? If you want them to access the company website only, then permit that one IP address and deny everything else ( and don't call it Internet access ). Bernard -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Chuck Church Sent: Sunday, January 06, 2002 7:08 AM To: [EMAIL PROTECTED] Subject: How to block MSN, and others. [7:31057] All, I've had good luck blocking access by denying all traffic to the IP ranges of the login servers for those services. Currently I block all traffic to: AOL IM 152.163.0.0 /16 255.255.0.0 205.188.0.0 /16 64.12.0.0 /16 MSN Messenger 64.4.0.0/18 255.255.192.0 Yahoo Messenger 216.136.224.0 /22 255.255.252.0 This works currently. You might want to keep all 3 installed you your work PC, and check them once a week. If one starts working, they must have added another network. Open a DOS window, and do a 'netstat'. Look for the connection to login server, most likely will mention the company in the DNS name. Mine looked like this: TCPsuperdave:1530 msgr-ns56.msgr.hotmail.com:1863 ESTABLISHED If you then do a netstat -n, you'll get the address rather than the DNS name. Then look up that address in www.arin.net in the WHOIS utility. That will give you the block of addresses. Add that block of addresses, and you'll be blocking them all once again. Chuck P.S. Blocking MSN will also block Hotmail access, you you kill 2 birds with 1 stone! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31060t=31057 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to block MSN, and others. [7:31057]
I can't imagine the problem with Messenger apps. I feel that instant communication can be handy at times. Sometimes I hate waiting for an e-mail response, and a messenger service fits that niche nicely. And no, they don't waste bandwidth. The messages are usually smaller than e-mail. And no they aren't insecure (well besides the gaping hole AIM just patched). A stateful firewall or CBAC can stop session hijacking. I don't use instant messaging at all (except for e-bay alerts and traffic updates) but I see huge potential for IM and I bet that messaging will only get more ubiquitous as the years go by. So try and live with it instaed of fighting it all the time. -- RFC 1149 Compliant. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to block MSN, and others. [7:31057]
M. see your point Bernard and I agree with it. A few companies we are working with at the moment are not allowed to control where their employees go to via the internet, even using things like websense, because it goes against their charter. Apparantly the charter encourages trust among the employees and this is classed as betraying the trust. All employees have to sign Internet Usage Agreements etc, so if you get caught you're in trouble. I think a lot of people are encouraged to try to get round measures put in place to stop them. I suppose that's where hackers get off. I'm not saying you shouldn't have security, but some times I think it is more effective to allow everybody everywhere outbound so that you don't end up affecting good work. I've had to use hotmail a few times because our administrators are not available out of office hours to allow attachments through. My two penneth, Gaz Bernard Omrani wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... We might as well block all class A, B, and C addresses and kill all the birds all together. What is the purpose of giving users access to the Internet when you will be blocking even the hotmail for them? If you want them to access the company website only, then permit that one IP address and deny everything else ( and don't call it Internet access ). Bernard -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Chuck Church Sent: Sunday, January 06, 2002 7:08 AM To: [EMAIL PROTECTED] Subject: How to block MSN, and others. [7:31057] All, I've had good luck blocking access by denying all traffic to the IP ranges of the login servers for those services. Currently I block all traffic to: AOL IM 152.163.0.0 /16 255.255.0.0 205.188.0.0 /16 64.12.0.0 /16 MSN Messenger 64.4.0.0/18 255.255.192.0 Yahoo Messenger 216.136.224.0 /22 255.255.252.0 This works currently. You might want to keep all 3 installed you your work PC, and check them once a week. If one starts working, they must have added another network. Open a DOS window, and do a 'netstat'. Look for the connection to login server, most likely will mention the company in the DNS name. Mine looked like this: TCPsuperdave:1530 msgr-ns56.msgr.hotmail.com:1863 ESTABLISHED If you then do a netstat -n, you'll get the address rather than the DNS name. Then look up that address in www.arin.net in the WHOIS utility. That will give you the block of addresses. Add that block of addresses, and you'll be blocking them all once again. Chuck P.S. Blocking MSN will also block Hotmail access, you you kill 2 birds with 1 stone! Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31062t=31057 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to block MSN, and others. [7:31057]
The messages are usually smaller than e-mail. And no they aren't insecure (well besides the gaping hole AIM just patched). A stateful firewall or CBAC can stop session hijacking. It is the statement like this that makes me almost fall off my chair. What planet are you coming from? What make you think that these IM is secured (excluding the gapping hole in AIM). Remember, you have to connect the client to an external IM server, the information is traveling in clear text including your username and password. What makes you think that these IM servers are secure? Furthermore, your communication can be monitored by a third party. CBAC or stateful Firewall can not prevent this because your session is being monitored on the IM servers. There is nothing that your firewall can do. If hackers successfully hack the IM servers, consider your conversation available to everybody else. The best way to secure communication is running IM over Secure Socket Layer (SSL). I've been using jabber over SSL for a few months now and it is working great. You want something secure, build your own jabber server, run the service over SSL and have your buddies to connect to your jabber IM server for secure communication. Jabber server is a freeware available on Linux platform. - Original Message - From: Steven A. Ridder To: Sent: Sunday, January 06, 2002 11:38 AM Subject: Re: How to block MSN, and others. [7:31057] I can't imagine the problem with Messenger apps. I feel that instant communication can be handy at times. Sometimes I hate waiting for an e-mail response, and a messenger service fits that niche nicely. And no, they don't waste bandwidth. The messages are usually smaller than e-mail. And no they aren't insecure (well besides the gaping hole AIM just patched). A stateful firewall or CBAC can stop session hijacking. I don't use instant messaging at all (except for e-bay alerts and traffic updates) but I see huge potential for IM and I bet that messaging will only get more ubiquitous as the years go by. So try and live with it instaed of fighting it all the time. -- RFC 1149 Compliant. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31066t=31057 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to block MSN, and others. [7:31057]
I hate to break it to you, but almost all e-mail isn't encrypted either. The log on info to MSN Messenger is not clear text. The messages are. I sniffed MSN Messenger and it's an RSA certificate. I think you mean I can sniff most pop accounts and see the username and password, not MSN Messenger. David Tran wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The messages are usually smaller than e-mail. And no they aren't insecure (well besides the gaping hole AIM just patched). A stateful firewall or CBAC can stop session hijacking. It is the statement like this that makes me almost fall off my chair. What planet are you coming from? What make you think that these IM is secured (excluding the gapping hole in AIM). Remember, you have to connect the client to an external IM server, the information is traveling in clear text including your username and password. What makes you think that these IM servers are secure? Furthermore, your communication can be monitored by a third party. CBAC or stateful Firewall can not prevent this because your session is being monitored on the IM servers. There is nothing that your firewall can do. If hackers successfully hack the IM servers, consider your conversation available to everybody else. The best way to secure communication is running IM over Secure Socket Layer (SSL). I've been using jabber over SSL for a few months now and it is working great. You want something secure, build your own jabber server, run the service over SSL and have your buddies to connect to your jabber IM server for secure communication. Jabber server is a freeware available on Linux platform. - Original Message - From: Steven A. Ridder To: Sent: Sunday, January 06, 2002 11:38 AM Subject: Re: How to block MSN, and others. [7:31057] I can't imagine the problem with Messenger apps. I feel that instant communication can be handy at times. Sometimes I hate waiting for an e-mail response, and a messenger service fits that niche nicely. And no, they don't waste bandwidth. The messages are usually smaller than e-mail. And no they aren't insecure (well besides the gaping hole AIM just patched). A stateful firewall or CBAC can stop session hijacking. I don't use instant messaging at all (except for e-bay alerts and traffic updates) but I see huge potential for IM and I bet that messaging will only get more ubiquitous as the years go by. So try and live with it instaed of fighting it all the time. -- RFC 1149 Compliant. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31070t=31057 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to block MSN, and others. [7:31057]
My Bad. The RSA Certificate was for the Passport account. MSN Messenger uses an MD5 hash. Still more secure than most e-mail accounts. Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I hate to break it to you, but almost all e-mail isn't encrypted either. The log on info to MSN Messenger is not clear text. The messages are. I sniffed MSN Messenger and it's an RSA certificate. I think you mean I can sniff most pop accounts and see the username and password, not MSN Messenger. David Tran wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... The messages are usually smaller than e-mail. And no they aren't insecure (well besides the gaping hole AIM just patched). A stateful firewall or CBAC can stop session hijacking. It is the statement like this that makes me almost fall off my chair. What planet are you coming from? What make you think that these IM is secured (excluding the gapping hole in AIM). Remember, you have to connect the client to an external IM server, the information is traveling in clear text including your username and password. What makes you think that these IM servers are secure? Furthermore, your communication can be monitored by a third party. CBAC or stateful Firewall can not prevent this because your session is being monitored on the IM servers. There is nothing that your firewall can do. If hackers successfully hack the IM servers, consider your conversation available to everybody else. The best way to secure communication is running IM over Secure Socket Layer (SSL). I've been using jabber over SSL for a few months now and it is working great. You want something secure, build your own jabber server, run the service over SSL and have your buddies to connect to your jabber IM server for secure communication. Jabber server is a freeware available on Linux platform. - Original Message - From: Steven A. Ridder To: Sent: Sunday, January 06, 2002 11:38 AM Subject: Re: How to block MSN, and others. [7:31057] I can't imagine the problem with Messenger apps. I feel that instant communication can be handy at times. Sometimes I hate waiting for an e-mail response, and a messenger service fits that niche nicely. And no, they don't waste bandwidth. The messages are usually smaller than e-mail. And no they aren't insecure (well besides the gaping hole AIM just patched). A stateful firewall or CBAC can stop session hijacking. I don't use instant messaging at all (except for e-bay alerts and traffic updates) but I see huge potential for IM and I bet that messaging will only get more ubiquitous as the years go by. So try and live with it instaed of fighting it all the time. -- RFC 1149 Compliant. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31073t=31057 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to block MSN, and others. [7:31057]
Let me put something into perspective here. It was said earlier about why give access then block it. Why indeed... the why is for BUSINESS reasons.. not day trading, not stock tickers, not chatting for hours(documented) with friends at the expense of work, viruses coming in on Hotmail attachments that bypass the clamped down exchange server and so on. The internet is given to employees for business reasons with the expectation that the employee will be responsible with it. Will there be personal use.. of course.. just like the phone. Why limit certain things? gee.. the company pays for a T1, they have 4,000 users, 100 decide to watch a Victoria Secret webcast at 300Kbps.. see the problem? This not theorical.. this really happened to one of my clients and the webcastusers/readaudio users managed to max out the T during working hours. The courts have already decided for good or bad that email is company property and they can do what they wish with it. I would imagine that web access falls under the same rules as it's a company building, desk, PC(or Mac), servers, connection and so on. My opinion MikeS Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31077t=31057 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to block MSN, and others. [7:31057]
I suppose it comes down to they type of company/employees. I'm more used to companies that leave things fairly open for employees, and demand (rather than expect) that the employee be responsible with it. Employees will understand that monitoring needs to be done at times and offenders be dealt with. Firm and fair sometimes works better than beat me if you can. Not always though, so admittedly it's horses for courses. Gaz Mike Sweeney wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Let me put something into perspective here. It was said earlier about why give access then block it. Why indeed... the why is for BUSINESS reasons.. not day trading, not stock tickers, not chatting for hours(documented) with friends at the expense of work, viruses coming in on Hotmail attachments that bypass the clamped down exchange server and so on. The internet is given to employees for business reasons with the expectation that the employee will be responsible with it. Will there be personal use.. of course.. just like the phone. Why limit certain things? gee.. the company pays for a T1, they have 4,000 users, 100 decide to watch a Victoria Secret webcast at 300Kbps.. see the problem? This not theorical.. this really happened to one of my clients and the webcastusers/readaudio users managed to max out the T during working hours. The courts have already decided for good or bad that email is company property and they can do what they wish with it. I would imagine that web access falls under the same rules as it's a company building, desk, PC(or Mac), servers, connection and so on. My opinion MikeS Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31080t=31057 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: How to block MSN, and others. [7:31057]
IM isn't anywhere near as bandwidth intensive as video, audio, etc. And I can understand blocking video and streaming audio. But if you communicate via e-mail or IM, they can both be for business purposes. I have seen plany of non-business related e-mails in my time, just as I'm sure you all have. That dosen't mean we should all block e-mail. IM has a stigma as a toy for teens on AOL, and it just isn't that way anymore. It does have it's place. -- RFC 1149 Compliant. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]