This discussion touches on some issues that were discussed recently with regard to AOL/AIM, etc. It is very difficult to block access if work arounds have been created like masquerading as some other service. The answer for blocking masquerading service is to invest in a system like "Packet Hound" which will inspect the content of EVERY packet and drop those not authorized.
The problem with something like SafeWeb and TriangleBoy is a bit more difficult, but not un-solvable. My solutions are two: 1. Put out a policy stating that circumventing the firewall using services like Safe Web and TriangleBoy are not acceptable. State what the penalty is for violating this policy (termination?). If you find someone violating the policy impose the penalty; no questions asked. 2. You can also take the "allowed access approach" for potential troublemakers. That is only allow them access to those services and sites that are required for their work. So for example you only allow those users (or all users) access to https for those sites you allow. Depending upon your business the number of secure sites probably isn't large. Also to address those running SSL on non-standard ports simply block all other services not allowed. Paul >Will GB block this Triangle Boy that have been developed to work >around firewalls who are blocking out safeweb? > > > >Take a look > ><https://fugu.safeweb.com/sjws/solutions/triangle_boy.html>https://fugu.safeweb.com/sjws/solutions/triangle_boy.html > > > >Obviously you could just restrict Internet access completely to that user(s) > > > > > > > >Shayne > > > >-----Original Message----- >From: Jonas Haggren [mailto:[EMAIL PROTECTED]] >Sent: Monday, August 27, 2001 7:57 AM >To: Gb-Users (E-mail) >Subject: Safe Web > > > >How can i block SafeWeb on the net??? >I have tried to block the IP number.. > ><https://www.safeweb.com/>https://www.safeweb.com/ > >/Jonas > > -- ---------------------------------------------------------------------------- Paul Emerson Tel: +1.407.380.0220 x1106 Global Technology Associates, Inc. Fax: +1.407.380.6080 3505 Lake Lynda Drive Mobile: +1.407.310.8563 Suite 109 Email: [EMAIL PROTECTED] Orlando, Florida 32817 USA Web: http://www.gta.com Mobile Email: [EMAIL PROTECTED] ----------------------------------------------------------------------------
