On Wed, May 23, 2007 at 02:03:06PM +0100, Andrew Suffield wrote: > On Wed, May 23, 2007 at 02:11:29PM +0300, [EMAIL PROTECTED] wrote: > > The issue i have is that yahoo messenger keeps using nonstandard ports to > > connect. Lately i blocked yahoo messenger and it connects to port 25 to > > get outside the corporate network. >
Umm, if your network allows outbound port 25 connections to any random host, then you have bigger problems. Your network should only allow port 25 connections to your own networks registered mail exchangers. > > Any suggestions will be appreciated ! > > The problem of getting employees to use certain applications and not > others cannot be solved by technical means, and attempting to do so > will merely result in the users and admins working against each other, > which is never productive. You need a different approach. Either (a) > decide that this is a real problem, create a formal policy that these > applications must not be used, and fire anybody caught using them, or > (b) decide that it's not a real problem and stop worrying about it. > There is another component as well. It might be worthwhile to look at the "type" of employees that are causing the problems. By the type, I mean are the supposed to be creative for their jobs or not? For example, if your employee answers calls in a call center, you could probably argue that the employee should not be browsing the public Internet or anything like that. Of course, you could also argue that restricting your network in that fashion will lower morale. Same as if you did not allow any personal phone calls, even on breaks. However, if you are talking about software developers, they need to be creative and need lots more flexbility. In any case, if you *really* want to restrict that sort of thing, I recommend that you get one of those network filter appliances to block that sort of traffic from the parts of the network that you don't want to be able to access those services. But, also consider setting up an Internet cafe or at least set aside a few machines so that people can do "recreational" browsing and such. Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com
signature.asc
Description: Digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
