Bill Joynt wrote:
>
> > Question: If users get around a RealAudio port block on a
> > Gauntlet firewall
> > by telling their browser to use port 80 for RealAudio, is there anyway for
> > the firewall administrator to then block RealAudio without blocking all
> > internet access? Locking out specific user IPs in order to enforce policy
> > is impossible. He's in a military environment and that would not fly.
Why not ?
On what basis is access granted in this particular environment ?
> Tell the user that if he deliberately bypasses firewall policy, he will be
> fired (or at least be in serious trouble).
Apart from that - what about MIME-Sweeper and other content-filters ?
I've only heard of MIME-Sweeper and not used it, but I thought it could
be programmed to do just that (amongst other things).
We also had this "problem", but removing internet-access from one
particular offender (as a warning to the numerous others) stopped the
whole RA-traffic very effectively. (It had accounted for 80-90% of the
total web-traffic, and real-audio is definitely not a part of our
core-business)
cheers,
Rainer
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Rainer Duffner, Kiosk AG, Switzerland |
| [EMAIL PROTECTED] -- [EMAIL PROTECTED] |
| W3: http://www-stud.fh-konstanz.de/~duffner |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
