thanks Chris for understanding me..
our manager wanted me to block all the ports icq use ..
taht is not my problem if it HR or IT dept.s problem . :))
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, June 23, 2000 6:59 PM
Subject: RE: Absurdity Continues (Was: "Re: icq")
> I only have one problem with this thread..... It has nothing to do with
> what was originally asked. The original question was what ports to block
so
> that users could not use ICQ. At no time was there ever a request for a
> judgment call or moral debate on the aspects of his actions.
>
> I have seen at least 10 messages telling him it was none of his business
if
> users were using ICQ. For all you know, the departments managers could
have
> asked him to block all outgoing ICQ Connections.
>
> Just my input... but what do I know.
>
> Chris Patterson
> Network Administrator
> Axiom Systems
> Http://Www.AxiomSys.Com
>
>
>
> The Truth Is Out There. Go Find It. Http://Www.2600.Com
>
>
>
> -----Original Message-----
> From: Ryan Reynolds [mailto:[EMAIL PROTECTED]]
> Sent: Friday, June 23, 2000 11:22 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Absurdity Continues (Was: "Re: icq")
>
>
> There are two different aspects to this ICQ debate that I think are
causing
> some confusion in this conversation:
>
> 1. ICQ is a network security risk. It is possible to have a host
> compromise or a virus issue due to ICQ. This is an infosec issue.
>
> 2. ICQ, in most cases, is not directly related to employees' work, and
thus
> can be considered a waste of company time. Employees are paid to work,
not
> to chat with their buddies. This is a human resources issue.
>
> To clarify #2 above, imagine instead of ICQ, that an employee brings a
deck
> of cards to work and plays poker with a few of his/her friends in the
middle
> of the work day. This is, quite simply, a loss of productivity. It is
not
> a security issue,
> it is a management/HR issue.
>
> Just because something occurs on a company's network, it is not
necessarily
> an infosec issue. If you have employees that are not working when they
are
> supposed to be, regardless of what it is they are doing, refer it to
> management/HR.
>
> -Ryan
>
>
> [EMAIL PROTECTED] wrote:
>
> > I would say that computer security does not relate to people wasting
their
> time
> > in the Internet. You can prevent certain types of abuse of Internet
> resources,
> > but if the fundamental problem is that people spend their time in
> something that
> > is not productive, you will not solve that problem with "computer
> security" and
> > you will end up in an arms race against people that seem to have nothing
> else to
> > do and no boss looking over their shoulder, and you will always lose.
> >
> > I think you must put some obvious controls, and let people know that
they
> are
> > being logged and that the logs WILL be analyzed. A good report is better
> than a
> > sophisticated hand-made filter that will always have an interesting
hole.
> >
> > Finally, I agree, HR is no panacea, but I think that the resource being
> most
> > abused in this case is actually the human resource - am I right? I think
> it is
> > their job to manage it.
> >
> > Carlos
> >
> > "Albrechtas, Adam" <[EMAIL PROTECTED]> con fecha 23/06/2000 11:37:25
> >
> > Destinatarios: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
> > CC: (cci: Carlos Moran/LAG/LSR/LAR/CPC)
> >
> > Asunto: RE: Absurdity Continues
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > I would say it has nothing to do with HR since it is strictly a
> > computer security issue (or even a QoS, at a stretch). I guess it
> > all depends on who is ultimitely responsible for System Security,
> > Data Security, and QoS in your organization. It is my belief that HR
> > should have nothing to do with computer security since they rarely
> > (if ever) have any knowledge in the area.
> >
> > - -----Original Message-----
> > From: D Clyde Williamson [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, June 23, 2000 10:14 AM
> > To: [EMAIL PROTECTED]; '[EMAIL PROTECTED]'
> > Subject: Re: Absurdity Continues
> >
> > "Norman R. Bottom" wrote:
> > >
> > > RE: "Turn It Over To Human Resources"
> > >
> > > In difficult matters, fathers say, "See your Mother." Some firewall
> > > folks say, "Turn it over to HR.." What a joke ! Anyone who has been
> > > involved with security for a year or two, knows that Human
> > > Resources is not a friend to good security. Period. :->
> > >
> > > Blessings,
> > >
> > > Norman
> >
> > Dealing with what employees do during office hours is not a security
> > matter. Unless, of course,
> > they're stealing data or cracking servers. If it is against HR policy
> > for users to look at certain
> > types of material on the Internet, then it is HR's responsibility to
> > deal with that policy.
> >
> > If your HR dept is not helping you with *security* matters. Then you
> > need to get that fixed.
> > - -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com>
> >
> > iQA/AwUBOVN3DdTbJ7zCVqawEQLpfQCfU+3KgWK6ykAUlD3G8WRM89u2ioQAoOpC
> > 29WG3L9aOsE5eX8Aolfm9ufG
> > =OKT7
> > -----END PGP SIGNATURE-----
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
> >
> > "E-mail Server" made the following
> > annotations on 06/23/00 10:46:56
> >
> --------------------------------------------------------------------------
--
> --
> > Bestfoods is not responsible for the content of incoming messages which
> may
> > contain offensive or unauthorized material. Please contact
1-800-462-0562
> if
> > this should happen.
> >
> >
>
============================================================================
> ==
> >
> > "E-mail Server" made the following
> > annotations on 06/23/00 11:05:38
> >
> --------------------------------------------------------------------------
--
> --
> > May contain confidential and trade secret information of Bestfoods, and
> may be subject to the Economic Espionage Act of 1996. For recipient's use
> only. If you have received this message in error, please delete
immediately,
> and alert the sender.
> >
> >
>
============================================================================
> ==
> >
> > -
> > [To unsubscribe, send mail to [EMAIL PROTECTED] with
> > "unsubscribe firewalls" in the body of the message.]
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
