Hum, I just had another idea about this sort of thing to bounce around. Don't let the outsiders connect directly to the company LAN. Instead, force them to use something like Microsoft Terminal Services to logon to a multiuser Windows server. Once there, allow them to use a 3270 emulator. That way, the emulator is running on the server, not on the user's desktop. That stops IND$FILE and ftp transfers directly to the user's desktop. I am fairly sure that it stops doing cut'n'paste as well. What it does not stop is ftp to their share on the server, then email the code to themselves. But this is becoming more of a PITA to the user, which does help to discourage them. It all depends on why they are doing it. (cost vs. benefit to them).
This same concept can be applied to other systems such as Linux. -- John McKown ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
