Hum, I just had another idea about this sort of thing to bounce around. Don't let the outsiders connect directly to the company LAN. Instead, force them to use something like Microsoft Terminal Services to logon to a multiuser Windows server. Once there, allow them to use a 3270 emulator. That way, the emulator is running on the server, not on the user's desktop. That stops IND$FILE and ftp transfers directly to the user's desktop. I am fairly sure that it stops doing cut'n'paste as well. What it does not stop is ftp to their share on the server, then email the code to themselves. But this is becoming more of a PITA to the user, which does help to discourage them. It all depends on why they are doing it. (cost vs. benefit to them).
This same concept can be applied to other systems such as Linux. -- John McKown Senior Systems Programmer HealthMarkets Keeping the Promise of Affordable Coverage Administrative Services Group Information Technology The information contained in this e-mail message may be privileged and/or confidential. It is for intended addressee(s) only. If you are not the intended recipient, you are hereby notified that any disclosure, reproduction, distribution or other use of this communication is strictly prohibited and could, in certain circumstances, be a criminal offense. If you have received this e-mail in error, please notify the sender by reply and delete this message without copying or disclosing it. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html