The two solutions below will herein be called "nice" solution and "nasty"
solution.
As Isoel indicated, it will make the proxy provider aware of his
accountability.
Assuming the company wants to be productive, I'm sure management can be made
to see the validity in a company wide stipulation that non-business use of
the network is strictly forbidden and can be the grounds for termination.
Internet/Intranet/Email use is to be used within the guidelines of an
acceptable use policy etc.... but then, there is really nothing you can do
about this person, if you don't have an acceptable use policy in the first
place. Ie. How can you prove that the proxy providing staff member is doing
something wrong?
Or, let it slip to a few well-known gossipers in your 200-people outfit,
that you have implemented intrusion detection systems and management have
indicated a crackdown on usage (even better, actually do this!). The feeling
of someone watching your every move, is by far a greater deterant than
whether or not someone can work the weaknesses on your network.
With "nice" solution you won't have to fear your own job. Unless of course,
it's the CEO who's doing the proxy providing.
With "nasty" solution, you have the 'personal satisfaction' of potentially
ruining someones career. That framed person would almost definitely go legal
- bad news for company, bad news for you. What do you do, when management
come to you asking for assistance in the matter? Data Evidence etc? You then
risk your own job, and the real issue of defining what a company will or
will not allow within their network has slipped by the way side.
But it sounded good. (-:
Nigel H
-----Original Message-----
From: Ben Dover [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, 21 February 2001 9:00 AM
To: [EMAIL PROTECTED]
Subject: Re: Inside protection ?!
I would have to say your being a little to nice with that solution
. What I recommend is to go the BOFH style way of handling this.
Login through that proxy, and then proceed to send threatening and
vicious email's to the people in upper management, from his email address
of course. I would assume after that his proxy will prompty disappear
as well as his job.
>
>One approach, if there is some sort of policy in place, is to
>monitor the traffic for something incriminating (porn, hate
>sites, whatever is outlined as not being allowed) then contact
>said user and do a little social manipulation to get the job
>done. i.e. "Mr x, our firewall logs show some unacceptable web
>browsing from your user account through the firewall, could you
>stop?" Of course, he will ask all his friends if they are
>browsing porn or looking at 'banned' sites, they might say yes
>(if they are both guilty AND honest), they might say no (either
>because they are dishonest or really are not guilty), either way
>he might stop sharing thier access for fear of heat that will
>come down on HIM. HR can easily be the vehicle, Mr X does not
>need to know that technology staff is aware of his proxy
>activities, this is immaterial, only that doing this for his
>buddies could be bad for HIM. HE just needs to be reminded that
>HE is accountable for the actions of these buddies. That done,
>I would almost BET that the proxy'ing will stop in short order.
>
>ES
>***
>----- Original Message -----
>From: "Isoel Piñeiro Martínez" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Tuesday, February 20, 2001 10:16 AM
>Subject: Inside protection ?!
>
>
> > I have almost 200 PCs in our LAN, some of wish have full access to the
> > Internet, some other to our Intranet , and some people can go nowhere.
>I'm
> > using Gauntlet 5.5 on NT4.0, SP5.
> > That way, using policies I define what each computer can do. I use DHCP
> > reservation for the people that can go to the Internet.
> > I've found recently one end user computer that have access to the
>Internet
> > running a proxy (Proxy+), and giving access trough it's IP address to
>his
> > friends. Is there some way to prevent this?
> > Thanks in advance.
>_________________________________________________________________
>Get your FREE download of MSN Explorer at http://explorer.msn.com
>
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
