how would you deal with blocking client side applications that masquerade as other types of traffic? Such as clients that connect to remote hosts on ports like 80, 22, 53, etc that your site allows out as legitimate traffic.