
RE: firewall ruleset



Hello,
  One other note: log the traffic that is being done; you can track
it down based on MAC address.  Then develop a company policy about
what to do when your users don't follow the non-business web company
policy (that you've already published, right?).  Then publish that
policy to your user base to let them know what will happen when trying
to get around your company policy.  If you give them warnings/logs of
the attempts, it will let them know you can track them, and give some
teeth to your punishment policy.

Can you say Big Brother is Watching????

Bill Suetholz

On 20-Dec-00 Maurice Verhagen wrote:
> Hello,
> 
> I have a problem with several users on our network.
> The firewall settings are the following:
> reject all traffic (incoming, outgoing, forward)
> accept several ports.
> I don't want them to surf the web so I closed port 80 for all sites except
> some (for instance some business related sites).
> Now some wiseguys found out that all the reply ports are open
> (1023-65535) and they use anonymous proxies around the world. 
> I closed port 3128 and 8080 (most common). But now they use random ports
> with a port-redirector I guess at several boxes outside the company.
> 
> I wondered if there is a better ruleset than allowing all high ports
> (1023+) ??
> 
> Kind regards,
> Maurice Verhagen

----------------------------------
E-Mail: wsuetholz@centonline.com
Date: 20-Dec-00
Time: 11:59:03

This message was sent by XFMail
----------------------------------
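
Added example, not part of the original message: one way to do the per-MAC tracking suggested in the reply above, summarising outbound TCP connection attempts to high destination ports by source MAC address. It assumes the firewall writes Linux netfilter `LOG`-style lines (the thread does not name the firewall software); the log prefix, interface names, addresses and MACs are constructed.

```python
import re
from collections import defaultdict

# Constructed sample in netfilter LOG layout (assumed format; MACs/IPs are made up).
# MAC= holds destination MAC (6 octets), source MAC (6 octets), EtherType (2).
GW = "00:10:5a:aa:bb:01"
SAMPLE_LOG = f"""\
Dec 20 11:02:11 fw kernel: FWD IN=eth1 OUT=eth0 MAC={GW}:00:50:04:11:22:33:08:00 SRC=192.168.1.23 DST=203.0.113.9 PROTO=TCP SPT=1045 DPT=3128 SYN
Dec 20 11:05:40 fw kernel: FWD IN=eth1 OUT=eth0 MAC={GW}:00:50:04:11:22:33:08:00 SRC=192.168.1.77 DST=198.51.100.4 PROTO=TCP SPT=1051 DPT=8080 SYN
Dec 20 11:05:43 fw kernel: FWD IN=eth1 OUT=eth0 MAC={GW}:00:50:04:11:22:33:08:00 SRC=192.168.1.77 DST=198.51.100.4 PROTO=TCP SPT=1052 DPT=8080 SYN
Dec 20 11:06:02 fw kernel: FWD IN=eth1 OUT=eth0 MAC={GW}:00:a0:c9:44:55:66:08:00 SRC=192.168.1.40 DST=192.0.2.25 PROTO=TCP SPT=1100 DPT=25 SYN
Dec 20 11:06:09 fw kernel: FWD IN=eth0 OUT=eth1 MAC={GW}:00:e0:1e:77:88:99:08:00 SRC=203.0.113.9 DST=192.168.1.23 PROTO=TCP SPT=3128 DPT=1045 ACK SYN
Dec 20 11:07:30 fw kernel: FWD IN=eth1 OUT=eth0 MAC={GW}:00:a0:c9:44:55:66:08:00 SRC=192.168.1.40 DST=203.0.113.9 PROTO=TCP SPT=1101 DPT=41234 SYN
"""

FIELD = re.compile(r"(\w+)=(\S*)")

def source_mac(mac_field):
    """Return the sender's MAC from a 14-octet MAC= value, or None if malformed."""
    octets = mac_field.split(":")
    if len(octets) != 14:
        return None
    return ":".join(octets[6:12]).lower()

def high_port_report(log_text, internal_if="eth1", min_port=1024):
    """Group outbound TCP SYNs to ports >= min_port by source MAC."""
    report = defaultdict(lambda: {"count": 0, "targets": set(), "ips": set()})
    for line in log_text.splitlines():
        f = dict(FIELD.findall(line))
        # Only packets arriving from the LAN side that open a TCP connection.
        if f.get("IN") != internal_if or f.get("PROTO") != "TCP":
            continue
        if "SYN" not in line.split() or not f.get("DPT", "").isdigit():
            continue
        mac = source_mac(f.get("MAC", ""))
        if mac is None or int(f["DPT"]) < min_port:
            continue
        entry = report[mac]
        entry["count"] += 1
        entry["targets"].add((f.get("DST"), int(f["DPT"])))
        entry["ips"].add(f.get("SRC"))  # one MAC may appear under several IPs
    return dict(report)

if __name__ == "__main__":
    for mac, e in sorted(high_port_report(SAMPLE_LOG).items()):
        print(mac, e["count"], sorted(e["ips"]), sorted(e["targets"]))
```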


