May I suggest instead of going after port 443 have a look at the sites they are shopping on. You can prolly get most of them. Then just block all access to those sites. While this will not solve the problem completely it might be a preferable soln to turning off access to a port that could potentially cause alot of problems.
On Wed, 10 Apr 2002, Josh Glover wrote: > [EMAIL PROTECTED] wrote: > > Hi All, > > > > I want to turn off HTTPS to prevent people on the network from shopping at > > various sites at work. Anyone know of any vulnerability in doing so? Will > > I kill something else that uses HTTPS that I haven't thought about? > > There are a few problems with this approach that occur to me: > > 1) Turning off HTTPS will not necessarily stop people from online > shopping, it will only prevent them from doing it securely. > 2) I can think of many legitimate uses of HTTPS that have nothing to do > with online shopping. Maybe these uses apply at your office, maybe not. > > A better solution would be a largely administrative one, namely, > creating a policy that forbids online shopping on the corporate network. > Then, you might start logging some outbound traffic (probably at your > firewall or proxy server), maybe HTTPS and some obvious ones, like > amazon.com or shopping.yahoo.com or ebay.com to see who is violating the > policy. Then, have HR deal with them. A much cleaner solution, from the > POV of a sysadmin. > > Make sure you talk this over with management, if you have not already. > > > -- ----Rory
