chris and alex, thank you both for your replies. i like alex's approach, humorous and true, so true...
i just wanted to make sure there wasn't a method i was missing. if i can't shame them into submission, i'll look into a 'black list' of visited sites. thanks, bryan -----Original Message----- From: Chris Green [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 2:39 PM To: 'Gnatbox' Subject: RE: [gb-users] streaming audio Those are workable answers, but I think the right answer is that this needs a management solution more-so than a technology solution. You need to demonstrate to management that it has an impact on the network and needs to be stopped and let them make it a policy that it cannot be done. Then you need only monitor for excessive use and you have room to take action. Almost all apps that you would want to stop in a corporate environment are extremely versatile and will run over almost any port. This makes it necessary to take a management approach in many cases because they are almost impossible to block without disrupting necessary traffic too. Chris Green -----Original Message----- From: Alex Howansky [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 3:29 PM To: [EMAIL PROTECTED] Subject: Re: [gb-users] streaming audio > please forgive me if i'm missing something simple but, is there a way to > block streaming audio over port 80 when port 80 is allowed? we have a > number of users eating up bandwidth with web radio. one or two are no big > deal but a dozen or more begins to cut a chunk out of the total bandwidth. > > alternatively, a time limit per connection would be ok since most go on for > hours. 1) You ask them nicely to stop, reminding them that bandwidth is not free and their excessive use of it for non work-related purposes is no different than making a lot of long distance personal telephone calls. 2) If they don't stop, you create an outbound filter to block all outgoing traffic from their IP. 3) When they complain, you tell them they had their chance and blew it. 4) They will complain to their boss, who will complain to yours, who will complain to you. 5) You show their boss some excerpts from your logfile that demonstrate how much of their day they're wasing on the web, including the URLs for all the porn and gambling sites they've been visiting. They'll never bother you again. :) Or if you prefer the no-fun version: There are probably only a handful of desination IPs that are being used. You could scan your logs to find out what they are, and maintain a list of them in an address object. Then just block traffic to that object with an outbound filter. -- Alex Howansky Wankwood Associates http://www.wankwood.com/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archive of the last 1000 messages: http://www.mail-archive.com/[EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archive of the last 1000 messages: http://www.mail-archive.com/[EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archive of the last 1000 messages: http://www.mail-archive.com/[EMAIL PROTECTED]
