Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Not sure what forum this really bel

Status
Not open for further replies.
ShawnF

ShawnF

IS-IT--Management
Oct 1, 2001
149
US
Not sure what forum this really belongs in, but I'll try here first.

We have some issues at my workplace of people "too frequently" checking their non-work releated hotmail email accounts. One person has even gone so far as to install MSN Messenger to use for it's instant email notification popups. I don't want to have to completely block all access to every server related to MSN (hotmail or not), but I would like to just block the hotmail and messenger ones. Our unofficial net usage policy is that you can use but not abuse.

We have a Watchgaurd firebox II which allows me to specify IP's to block (and ranges), but I'm not sure if I am blocking enough or all of the servers that hotmail/Messenger uses. I know I have at least some of them, but not likely all of them. I haven't been able to find a nicely compiled list of hotmail/Messenger server IP's, but I figure someone else has had to deal with this issue before. Thus far I've been tracking the firewall logs and using WHOIS to check IP ownership and then compile a list (or net block) of IP's to specify the firewall to block. But I question whether this enough or the best way to do this.

Any thoughts?

Thanks!

Shawn F.
 
Sort by date Sort by votes
Oops! I either forgot to type an appropriate title for this thread or I typed in something else by mistake!

On a different note.... is there any way I can edit my original message to fix this?
 
Upvote 0 Downvote
As to your last question, if you don't preview your post, the only way to edit your post is to "Red Flag" it, let Tek Tips delete it, and then repost.
James P. Cottingham

I am the Unknown lead by the Unknowing.
I have done so much with so little
for so long that I am now qualified
to do anything with nothing.
 
Upvote 0 Downvote
There a two things:

1. your people are installing their own software like MS-Messenger, ICQ or AIM..... That is a thing you should not allow, because these programs contain server functions which could be a security risk for your computers. ( Viruses, Trojan Horses, Worms )

Additionally the software installed may be a illegal copy and running illegal software on your computers may cause legal trouble to you.
In some Companies people who are installing private Software could be fired.

2. The missuse of the Computers by calling private Mailboxes can be suppressed by a proxy server which opens these URLs during special times only (Lunch break ....)
hnd
hasso55@yahoo.com

 
Upvote 0 Downvote
Additionally, while not specifically a "technical" issue, you should have an APPROPRIATE USE and SECURITY POLICY defined in your organization.

If you have one, update it to include language that AIM, MSN, HotMail etc are NOT appropriate uses of company resources, and that all internet use is monitored, etc etc etc

---
John Hoke<br>
 
Upvote 0 Downvote
Yes, a policy is definately needed. We are a small organization, and up until just a few months ago there wasn't any internet activity to worry about because we didn't have the servers and internet connection we have now. Our current &quot;policy&quot; is use but not abuse. I'm trying to get my boss to come up with some sort of formal policy (he is part owner in the company and has final say on it, although I will probably make up the parameters of it). Unfortunately he doesn't want me spending any time monitoring internet activity and what not, as if security were a static thing. I personally don't want to have to play internet cop either, however I need to learn how to do this stuff to begin with, and in order to discover any abuse one (myself) must monitor activity.... My company's owners really don't understand the full extent of the threats possible these days, and that a company cannot just create a security policy and then leave it be forever. Threats constantly appear and evolve. I don't fully understand the extent of threats either since I'm new to this area of computers, but I know enough to know it's mind boggling and needs more attention than what we've been giving it.

Thanks,

Shawn F.
 
Upvote 0 Downvote
take a look at SANS.net and other security sites that can give you &quot;boilerplate&quot; policies.

No one &quot;wants&quot; to play NetCop, but it is a necessary evil. You can get a linux box and SNORTGuard up and running pretty painlessly to block &quot;unauhtorized&quot; traffic, etc and have logs to look at &quot;if necessary&quot;.

Its a win-win solution because if people realize they are logging into a proxy server that LOGS their actions, they will for the most part stop visiting sites they KNOW they should not be at from work ;)

---
John Hoke<br>
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

GeorgeAlba
  • Locked
  • Question
What do you think about this proxy
Replies
0
Views
175
GeorgeAlba
GeorgeAlba
disturbedone
  • Locked
  • Question
proxy.pac not working correctly in IE11
Replies
0
Views
148
disturbedone
disturbedone
gbayi_omo
  • Locked
  • Question
Cisco ASA 5505 not allowing access to highest security zone
Replies
0
Views
117
gbayi_omo
gbayi_omo
brownmab53
  • Locked
  • Question
PIX 525 ASA not allowing DHCP addresses to pass through to router
Replies
0
Views
149
brownmab53
brownmab53
bfordz
  • Locked
  • Question
www.watchguard.com/forum not available
Replies
7
Views
105
Fellows
Fellows

Part and Inventory Search

Sponsor

Back
Top