On Tue, 21 Dec 1999, Interpaul wrote:
> Hello list,
>
> In the office network we have a UNIX firewall server. At the moment it is
> impossible the use ICQ and RealAudio etc on our NT network. I don't know of
> we have a SOCKS firewall or a differt one, nor do I know ports of the
> firewall.
It sounds to me like your firewall is doing its job then. Protocols like
ICQ and RealAudio open a network up to more risk, and probably your
administrator is not willing to take that risk.
Firewall protection models are based on disallowing traffic and
protocols, each allowed protocol lessens the effectiveness of the
firewall. I've yet to see a good business justification for ICQ that
wasn't met in a different way with a better protocol.
> Can anyone show me how I could find this out? My sysop doesn't have time for
> this, so that's why I have to find out myself.
If the administrator doesn't have time to tell you what sort of firewall
he's running, he won't have time to open it up to bad protocols. Trying
to circumvent a firewall to "see if it works" can be a terminatable
offense for some networks, so you should find out what the accepted
mechanism is to find out the local policy on allowed protocols and how to
request changes to it. Be aware that requesting change doesn't always
mean it will happen, native RealAudio is something I'd *never* allow to
a business network I was responsible for without something in writing
from someone else willing to underwrite the risk and any additional
security equipment I'd feel necessary on that network (and it wouldn't be
cheap.)
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
PSB#9280
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
