Actually, I was talking about going one step further. Block ALL access to ALL Internet sites, and then create a list of allowed websites (your company's webpage, the page where employees monitor their benefits, the pages of vendors/customers that may be needed, etc).
If a host isn't on the list, NO access of ANY type is allowed. That way, no matter how many times they reinstall the software, they still won't get through (unless a host that is running an IM server somehow gets put on your "allowed" list). Mike Burden Lynk Systems http://www.lynk.com (616)532-4985 [EMAIL PROTECTED] > -----Original Message----- > From: Reasoner, Bob (PHES) [mailto:[EMAIL PROTECTED]] > Sent: Thursday, January 17, 2002 9:27 AM > To: Mike Burden; [EMAIL PROTECTED] > Subject: RE: [gb-users] IM Madness > > > I had used your list of filters (provided a few months back) > to go to a > default close all outbound then accepting port 80, 443, 25 etc. > > That worked for about two weeks, then some of my industrious > users decided > to reinstall their IM programs and they seem to then do a > port scan and go > out on the SSL ports or the FTP ports. > > If the user reads my email and doesn't bother to reinstall > all is well, > but > unfortunately, most users read the first sentence and see that I'm > suggesting they do away with their toy and delete it. > > I know some of the SurfControl type programs can block this based on > filters. I was hoping that since CyberNOT is owned by > SurfControl that > they > would incorporate these sites into their list, but will take > whatever I > can > get. > > Thanks for you quick response! > > -----Original Message----- > From: Mike Burden [mailto:[EMAIL PROTECTED]] > Sent: Thursday, January 17, 2002 8:22 AM > To: [EMAIL PROTECTED] > Subject: RE: [gb-users] IM Madness > > > Would it be reasonable to go to a "default closed" > configuration for your network, where access to > everything is blocked, and there is a list of > exceptions? This type of setup will block IM, > Napster and it's clones, etc. > > I'm with you about technical solutions to social > problems. > > Mike Burden > Lynk Systems > http://www.lynk.com > (616)532-4985 > [EMAIL PROTECTED] > > > > > > -----Original Message----- > > From: Reasoner, Bob (PHES) [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, January 17, 2002 9:10 AM > > To: [EMAIL PROTECTED] > > Subject: [gb-users] IM Madness > > > > > > Has anyone out there had any real success in Blocking access > > to external > > Instant Messenger programs? > > > > I have written outbound filters to block all but the standard > > ports, and > > that seemed to work temporarily, but of course these programs > > seem to do a > > port scan and connect again. > > > > I have the CyberNOT option on my GB-Flash if there is anyway to > > incorporate > > it in that. Otherwise does anyone know of a list of IP > > addresses that can > > be blocked for MSN, AIM, and Yahoo IM? > > > > I realize that this should be a policy issue and that > > Manager's should be > > held accountable for the actions of their employees, but > > unfortunately our > > organization doesn't seem to want to make an issue of it > and thinks I > > should > > find a technical solution. > > > > Thanks for any assistance anyone can provide! > > > > Bob Reasoner > > Harris County Public Health & Environmental Services > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > To subscribe to the digest version first unsubscribe, then > e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] >
