Mmmmm..... see your point Bernard and I agree with it. A few companies we are working with at the moment are not allowed to control where their employees go to via the internet, even using things like websense, because it goes against their charter. Apparantly the charter encourages trust among the employees and this is classed as betraying the trust. All employees have to sign Internet Usage Agreements etc, so if you get caught you're in trouble. I think a lot of people are encouraged to try to get round measures put in place to stop them. I suppose that's where hackers get off. I'm not saying you shouldn't have security, but some times I think it is more effective to allow everybody everywhere outbound so that you don't end up affecting good work. I've had to use hotmail a few times because our administrators are not available out of office hours to allow attachments through.
My two penneth, Gaz ""Bernard Omrani"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > We might as well block all class A, B, and C addresses and kill all the > birds all together. > > What is the purpose of giving users access to the Internet when you will > be blocking even the hotmail for them? > > If you want them to access the company website only, then permit that > one IP address and deny everything else ( and don't call it Internet > access ). > > Bernard > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf > Of > > Chuck Church > > Sent: Sunday, January 06, 2002 7:08 AM > > To: [EMAIL PROTECTED] > > Subject: How to block MSN, and others. [7:31057] > > > > All, > > > > I've had good luck blocking access by denying all traffic to the > IP > > ranges of the login servers for those services. Currently I block all > > traffic to: > > > > AOL IM > > 152.163.0.0 /16 255.255.0.0 > > 205.188.0.0 /16 > > 64.12.0.0 /16 > > > > MSN Messenger > > 64.4.0.0 /18 255.255.192.0 > > > > Yahoo Messenger > > 216.136.224.0 /22 255.255.252.0 > > > > > > This works currently. You might want to keep all 3 installed you your > > work > > PC, and check them once a week. If one starts working, they must have > > added > > another network. Open a DOS window, and do a 'netstat'. Look for the > > connection to login server, most likely will mention the company in > the > > DNS > > name. Mine looked like this: > > TCP superdave:1530 msgr-ns56.msgr.hotmail.com:1863 > ESTABLISHED > > > > If you then do a netstat -n, you'll get the address rather than > the > > DNS name. Then look up that address in www.arin.net in the WHOIS > utility. > > That will give you the block of addresses. Add that block of > addresses, > > and > > you'll be blocking them all once again. > > > > Chuck > > > > P.S. Blocking MSN will also block Hotmail access, you you kill 2 > birds > > with > > 1 stone! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=31062&t=31057 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
