Yep all steps you stated have been covered, but Employees will be
employees.
What can I say?
-Original Message-
From: Elijah Savage III [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 30, 2002 3:49 PM
To: [EMAIL PROTECTED]
Subject: RE: ICQ and blocking the thing-PIX [7:52285]
ICQ
So true but ICQ is using port 80, which kills me
-Original Message-
From: Creighton Bill-BCREIGH1 [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 29, 2002 12:07 PM
To: [EMAIL PROTECTED]
Subject: RE: ICQ and blocking the thing-PIX [7:52285]
Make sure that you carefully figure out the
ECTED]
Subject: Re: ICQ and blocking the thing-PIX [7:52285]
In a complex organization ( complex not meaning size or number of
departments, but in the way people need to work ) one might consider third
party applications such as Web Sense.
A couple of comments below:
--
TANSTAAFL
"there ain
Official business of this company shall be understood
> as neither given nor Endorsed by it.
>
>
>
> -Original Message-
> From: Chuck's Long Road [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, August 31, 2002 1:20 AM
> To: [EMAIL PROTECTED]
> Subject: Re: IC
ailto:[EMAIL PROTECTED]]
Sent: Saturday, August 31, 2002 1:20 AM
To: [EMAIL PROTECTED]
Subject: Re: ICQ and blocking the thing-PIX [7:52285]
In a complex organization ( complex not meaning size or number of
departments, but in the way people need to work ) one might consider third
party applica
hat's why this stuff has to work at a policy level,
and cannot nor should be considered a matter for firewall administrators to
deal with.
CL You gots to know your organization.
>
>
> Thanks
>
> Larry
>
>
> -Original Message-----
> From: mike greenberg [mai
to HR especially if it is causing
problems for you on the network and putting business assets at risk.
-Original Message-
From: Shawn Heisey [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 30, 2002 4:21 PM
To: [EMAIL PROTECTED]
Subject: Re: ICQ and blocking the thing-PIX [7:52285]
I may b
DEN CNRC Packet Data
-Original Message-
From: Creighton Bill-BCREIGH1 [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 30, 2002 3:17 PM
To: [EMAIL PROTECTED]
Subject: RE: ICQ and blocking the thing-PIX [7:52285]
>Trust me, for every way you can find out, I can find a way to block it.
>
I may be off my rocker, but I think it's possible that you could set up
an IDS system that blocks access to any IP on the outside that sends
packets to your network that look like ICQ. At the very least it could
record the addresses for future inclusion into ACLs.
This won't block the people who
53 PM
To: [EMAIL PROTECTED]
Subject: RE: ICQ and blocking the thing-PIX [7:52285]
Try my approach..
Tell people no and put it in your security policy. They violate the policy
they get fired..
Oh wait a minute, I think that goes along with cut-off desktop internet
access I guess.
Its is
or a while, but I never tire of it...
Thanks
Larry
-Original Message-
From: mike greenberg [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 30, 2002 2:18 PM
To: [EMAIL PROTECTED]
Subject: RE: ICQ and blocking the thing-PIX [7:52285]
If port 80 is open for outbound, I can change the s
ROTECTED]]
Sent: Thursday, August 29, 2002 7:50 PM
To: [EMAIL PROTECTED]
Subject: Re: ICQ and blocking the thing-PIX [7:52285]
Here is how I get around ICQ, AOL, MSN and Yahoo IM blocking:
>From work, I Secure Shell (SSH) back to my Linux Firewall. On my work
desktop,
I am running X-server (X-
[EMAIL PROTECTED]]
Sent: Thursday, August 29, 2002 7:50 PM
To: [EMAIL PROTECTED]
Subject: Re: ICQ and blocking the thing-PIX [7:52285]
Here is how I get around ICQ, AOL, MSN and Yahoo IM blocking:
>From work, I Secure Shell (SSH) back to my Linux Firewall. On my work
desktop,
I am running X-
Here is how I get around ICQ, AOL, MSN and Yahoo IM blocking:
>From work, I Secure Shell (SSH) back to my Linux Firewall. On my work
desktop,
I am running X-server (X-Win32 or Xceed) and just tunnel the SSH encryption
from my Linux firewall back to the corporate desktop. I can fire up any X
ap
Make sure that you carefully figure out the correct side of the connection.
ICQ server runs on port 4000, and the client chooses a random high-numbered
port. That means you will see UDP packets FROM (inbound/source) port 4000
going to the random port. In other words, don't go looking in a port
dat
Rob,
Currently we use MS Proxy server to restrict Internet access so I,
unfortunately, do not have your answer. Your offer to post your ACL for
peer-to-peer blocking would be very appreciated though. Soon we will be
removing Proxy and allowing our new PIX to restrict Internet access. At that
time
16 matches
Mail list logo