The problem with sites that are not really able to enforce, can be somewhat mitigated by a weekly posting of offenders in a pulic place within the company halls.
Thanks, Ron DuFresne On Mon, 15 Sep 2003, Bergeron, Jared wrote: > I think the key here is a strong enforceable communicated policy and then > identifying the traffic and addressing the user. I would go with an IDS (Snort is a > good choice to IDENTIFY as you can easily write the sigs). Now granted Snort could > pick it up on different ports depending on what it was looking for, however you need > to think about tunneled connections via ssh and ssl. A good client inventory app > seems to be the best way to catch these... Ahhh big brother and his tools. > > Regards, > --------------------- > Jared Bergeron > Systems Analyst / E-Security > XEROX Office Printing Business > > _____ > > From: Jason Bethune [mailto:[EMAIL PROTECTED] > Sent: Monday, September 15, 2003 10:07 AM > To: [EMAIL PROTECTED] > > > > Snort is one tool used by alot of IT guys to block file sharing programs. THe > trouble with these programs is that they have built in port "movers" that will scan > the local network to find an available port to work on. Scripting is one way to do > it....but that mostly just alerts you to the fact that there is traffice being used > on your network for file sharing. I would like to know an exact way to block file > sharing as well... > > > > Jason Bethune > > > > IT Specialist > > Town of Kentville > > 354 Main Street > > Kentville, NS > > B4N 1K6 > > > > www.town.kentville.ns.ca > > > > > > _____ > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Johnson, Mark > Sent: Monday, September 15, 2003 1:37 PM > To: [EMAIL PROTECTED] > Subject: [Full-Disclosure] Blocking Music Sharing. > > Due to the legal issues, I am trying to block access to sites like Kazaa and > Limewire in the office. If I am not mistaken, these networks can use different > ports each time, so there is no way to block it at the firewall. Is this right? > And if so, what is the best way to block access to these types of sites? > > > > Many thanks, > > Mark J. > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
