You can't block all the ports icq uses for the simple reason that ICQ200 is a port bouncer. It will use any port it can and flip from one to the other. On our sniffing tests here we'v had ICQ go out on 25, 110, 900, 254 and others. See my previous email on the subject which blocks the ICQ network. Much easier, and in one full swoop you'v closed it down. Mike > -----Original Message----- > From: Baran YURDAGUL [SMTP:[EMAIL PROTECTED]] > Sent: u ea?e 24 2000 0:24 > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: Ynt: Absurdity Continues (Was: "Re: icq") > > thanks Chris for understanding me.. > our manager wanted me to block all the ports icq use .. > taht is not my problem if it HR or IT dept.s problem . :)) > > > ----- Original Message ----- > From: <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Friday, June 23, 2000 6:59 PM > Subject: RE: Absurdity Continues (Was: "Re: icq") > > > > I only have one problem with this thread..... It has nothing to do with > > what was originally asked. The original question was what ports to > block > so > > that users could not use ICQ. At no time was there ever a request for a > > judgment call or moral debate on the aspects of his actions. > > > > I have seen at least 10 messages telling him it was none of his business > if > > users were using ICQ. For all you know, the departments managers could > have > > asked him to block all outgoing ICQ Connections. > > > > Just my input... but what do I know. > > > > Chris Patterson > > Network Administrator > > Axiom Systems > > Http://Www.AxiomSys.Com > > > > > > > > The Truth Is Out There. Go Find It. Http://Www.2600.Com > > > > > > > > -----Original Message----- > > From: Ryan Reynolds [mailto:[EMAIL PROTECTED]] > > Sent: Friday, June 23, 2000 11:22 AM > > To: [EMAIL PROTECTED] > > Subject: Re: Absurdity Continues (Was: "Re: icq") > > > > > > There are two different aspects to this ICQ debate that I think are > causing > > some confusion in this conversation: > > > > 1. ICQ is a network security risk. It is possible to have a host > > compromise or a virus issue due to ICQ. This is an infosec issue. > > > > 2. ICQ, in most cases, is not directly related to employees' work, and > thus > > can be considered a waste of company time. Employees are paid to work, > not > > to chat with their buddies. This is a human resources issue. > > > > To clarify #2 above, imagine instead of ICQ, that an employee brings a > deck > > of cards to work and plays poker with a few of his/her friends in the > middle > > of the work day. This is, quite simply, a loss of productivity. It is > not > > a security issue, > > it is a management/HR issue. > > > > Just because something occurs on a company's network, it is not > necessarily > > an infosec issue. If you have employees that are not working when they > are > > supposed to be, regardless of what it is they are doing, refer it to > > management/HR. > > > > -Ryan > > > > > > [EMAIL PROTECTED] wrote: > > > > > I would say that computer security does not relate to people wasting > their > > time > > > in the Internet. You can prevent certain types of abuse of Internet > > resources, > > > but if the fundamental problem is that people spend their time in > > something that > > > is not productive, you will not solve that problem with "computer > > security" and > > > you will end up in an arms race against people that seem to have > nothing > > else to > > > do and no boss looking over their shoulder, and you will always lose. > > > > > > I think you must put some obvious controls, and let people know that > they > > are > > > being logged and that the logs WILL be analyzed. A good report is > better > > than a > > > sophisticated hand-made filter that will always have an interesting > hole. > > > > > > Finally, I agree, HR is no panacea, but I think that the resource > being > > most > > > abused in this case is actually the human resource - am I right? I > think > > it is > > > their job to manage it. > > > > > > Carlos > > > > > > "Albrechtas, Adam" <[EMAIL PROTECTED]> con fecha 23/06/2000 11:37:25 > > > > > > Destinatarios: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> > > > CC: (cci: Carlos Moran/LAG/LSR/LAR/CPC) > > > > > > Asunto: RE: Absurdity Continues > > > > > > -----BEGIN PGP SIGNED MESSAGE----- > > > Hash: SHA1 > > > > > > I would say it has nothing to do with HR since it is strictly a > > > computer security issue (or even a QoS, at a stretch). I guess it > > > all depends on who is ultimitely responsible for System Security, > > > Data Security, and QoS in your organization. It is my belief that HR > > > should have nothing to do with computer security since they rarely > > > (if ever) have any knowledge in the area. > > > > > > - -----Original Message----- > > > From: D Clyde Williamson [mailto:[EMAIL PROTECTED]] > > > Sent: Friday, June 23, 2000 10:14 AM > > > To: [EMAIL PROTECTED]; '[EMAIL PROTECTED]' > > > Subject: Re: Absurdity Continues > > > > > > "Norman R. Bottom" wrote: > > > > > > > > RE: "Turn It Over To Human Resources" > > > > > > > > In difficult matters, fathers say, "See your Mother." Some firewall > > > > folks say, "Turn it over to HR.." What a joke ! Anyone who has been > > > > involved with security for a year or two, knows that Human > > > > Resources is not a friend to good security. Period. :-> > > > > > > > > Blessings, > > > > > > > > Norman > > > > > > Dealing with what employees do during office hours is not a security > > > matter. Unless, of course, > > > they're stealing data or cracking servers. If it is against HR policy > > > for users to look at certain > > > types of material on the Internet, then it is HR's responsibility to > > > deal with that policy. > > > > > > If your HR dept is not helping you with *security* matters. Then you > > > need to get that fixed. > > > - - > > > [To unsubscribe, send mail to [EMAIL PROTECTED] with > > > "unsubscribe firewalls" in the body of the message.] > > > > > > -----BEGIN PGP SIGNATURE----- > > > Version: PGPfreeware 6.5.3 for non-commercial use <http://www.pgp.com> > > > > > > iQA/AwUBOVN3DdTbJ7zCVqawEQLpfQCfU+3KgWK6ykAUlD3G8WRM89u2ioQAoOpC > > > 29WG3L9aOsE5eX8Aolfm9ufG > > > =OKT7 > > > -----END PGP SIGNATURE----- > > > - > > > [To unsubscribe, send mail to [EMAIL PROTECTED] with > > > "unsubscribe firewalls" in the body of the message.] > > > > > > "E-mail Server" made the following > > > annotations on 06/23/00 10:46:56 > > > > > > -------------------------------------------------------------------------- > -- > > -- > > > Bestfoods is not responsible for the content of incoming messages > which > > may > > > contain offensive or unauthorized material. Please contact > 1-800-462-0562 > > if > > > this should happen. > > > > > > > > > ========================================================================== > == > > == > > > > > > "E-mail Server" made the following > > > annotations on 06/23/00 11:05:38 > > > > > > -------------------------------------------------------------------------- > -- > > -- > > > May contain confidential and trade secret information of Bestfoods, > and > > may be subject to the Economic Espionage Act of 1996. For recipient's > use > > only. If you have received this message in error, please delete > immediately, > > and alert the sender. > > > > > > > > > ========================================================================== > == > > == > > > > > > - > > > [To unsubscribe, send mail to [EMAIL PROTECTED] with > > > "unsubscribe firewalls" in the body of the message.] > > > > - > > [To unsubscribe, send mail to [EMAIL PROTECTED] with > > "unsubscribe firewalls" in the body of the message.] > > - > > [To unsubscribe, send mail to [EMAIL PROTECTED] with > > "unsubscribe firewalls" in the body of the message.] > > - > [To unsubscribe, send mail to [EMAIL PROTECTED] with > "unsubscribe firewalls" in the body of the message.] - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
