dcsimg
Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 35

Thread: Blocking messengers

  1. #11
    Banned
    Join Date
    Jul 2002
    Posts
    44
    "There are not technical solution to Administrative problems."

    Saw this some where......

    Basically.......Policy says dont do it or else!!!

  2. #12
    Junior Member
    Join Date
    Oct 2002
    Posts
    2

    Talking

    I have found that the best policy is not "do not or else" but is "cannot at all".

  3. #13
    Junior Member
    Join Date
    Oct 2002
    Posts
    2

    Talking

    I have found that the best policy is not "do not or else" but is "cannot at all".

  4. #14
    Senior Member
    Join Date
    Jul 2002
    Posts
    107
    You can make all your user restricted so they cannot install any software on there machine.
    Alright take it ease

  5. #15
    Senior Member
    Join Date
    Jul 2002
    Posts
    107
    You can make all your user restricted so they cannot install any software on there machine.
    Alright take it ease

  6. #16
    Senior Member
    Join Date
    Apr 2002
    Posts
    889
    I agree with what gypsygeek said "There are not technical solution to Administrative problems." In short unless you are backed up with a policy that has some teeth in it users will use web based chat. Depending on the firewall at least with one that I used a few years you could ban access based upon the program accessing the web even if it rode on top of the web browser. Better bet is not to block a server name but the IP address range, followed by the ports they use. Another alt way is to aduit the users of chats computers most if not all by default save a log (boy this can really bite a company), simply review the log and chat times etc then confront the user that is chatting and not working. Work is work play is play Unless they dig around logs will be there unless they have shut them off, also check out the really hidden M$ files they keep it all and takes much effort to find and remove those files, but do a google search and find out how to read them.
    I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg

  7. #17
    Senior Member
    Join Date
    Apr 2002
    Posts
    889
    I agree with what gypsygeek said "There are not technical solution to Administrative problems." In short unless you are backed up with a policy that has some teeth in it users will use web based chat. Depending on the firewall at least with one that I used a few years you could ban access based upon the program accessing the web even if it rode on top of the web browser. Better bet is not to block a server name but the IP address range, followed by the ports they use. Another alt way is to aduit the users of chats computers most if not all by default save a log (boy this can really bite a company), simply review the log and chat times etc then confront the user that is chatting and not working. Work is work play is play Unless they dig around logs will be there unless they have shut them off, also check out the really hidden M$ files they keep it all and takes much effort to find and remove those files, but do a google search and find out how to read them.
    I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg

  8. #18
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    Depending on how serious you are about enforcing the no chat policy (and hence your willingness to track everything down), you could set up the blocks to those ip's/domains and then log all those denies (or even the default port for the application). You would then know who tried to access it and you could take whatever actions are necessary to remove the messenger from the network.

    As a side note, many IDS systems have signatures that detect the use of messengers, you could set it up to either log the events or even to kill the connections as it sees them (usually with a reset that is sent to both ends of the connection), but you need to be a little careful with that in that you might accidentally block legitimate traffic (depending on how good those signatures are).

    /nebulus
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  9. #19
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    Depending on how serious you are about enforcing the no chat policy (and hence your willingness to track everything down), you could set up the blocks to those ip's/domains and then log all those denies (or even the default port for the application). You would then know who tried to access it and you could take whatever actions are necessary to remove the messenger from the network.

    As a side note, many IDS systems have signatures that detect the use of messengers, you could set it up to either log the events or even to kill the connections as it sees them (usually with a reset that is sent to both ends of the connection), but you need to be a little careful with that in that you might accidentally block legitimate traffic (depending on how good those signatures are).

    /nebulus
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  10. #20
    Senior Member
    Join Date
    Feb 2002
    Posts
    177
    I know there's different options to achive the same goal. Thats not what I was asking. Either way, best bet is to block their logon servers I guess. Simplest anyway, and doesn't give me a headache.

    Thanks for all the replies though!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •