RE: N00b Question

From: G.Crow (secure.computing_at_gmail.com)
Date: 12/31/04

    To: <security-basics@lists.securityfocus.com>
    Date: Thu, 30 Dec 2004 22:33:19 -0500
    
    

    For blocking certain sites your best bet is a proxy of some sort, presumably
    transparent. Lots of people on this list will point you towards Squid if
    you're looking in the open-source realm. You *could* block site IPs in your
    firewalls (PIX firewalls are almost all, if not all, in the 500-scheme. I
    haven't looked at the lineup recently.) That is, however, not a great
    solution for a variety of reasons.

    If you are blocking the web-based email, why do you need to block the
    ability to upload attachments?

    For MSN/yahoo chat you can block the ports in your external firewall. This
    will stop 95% of your users (possibly more if MSN/yahoo don't accept
    connections on any port like AIM does.) You can also see if your
    infrastructure supports deep packet inspection - Cisco has a good variety of
    capabilities regarding that, but I can't for the life of me remember the
    acronym, and my Cisco books are in the office. I avoid it, myself, since it
    punts packets to the processor, but that doesn't matter as much with a
    slower external link.

    Quotas established for web surfing? Do you mean accounting per computer
    (he's been on the web *this* much today) or do you actually mean cutting it
    off after a certain point per day? Logging and log analysis is easy enough,
    but true quotas would require authentication of some sort most likely, and
    are probably more trouble than they're worth. If bandwidth is an issue I
    would just implement QoS and put port 80/443 traffic in a low CoS.

    Gabe

    > -----Original Message-----
    > From: Harshal Dedhia [mailto:harshal.dedhia@skybird-travel.com]
    > Sent: December 30, 2004 11:42 AM
    > To: security-basics@securityfocus.com
    > Subject: N00b Question
    >
    > Hi,
    > I am very new to the firewall and network security world. I have a
    > situation wherein I need to block web-based email access and the ability
    > to upload attachments to web-based email. I also need to ensure that
    > MSN/yahoo chat is disabled and quotas are established for web surfing.
    >
    > Is there an Open Source solution to this problem? The network comprises
    > Cisco Routers and 500 series firewalls.
    >
    > Cheers!
    > Harshal
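
The per-computer accounting mentioned in the reply above (logging and log analysis, as opposed to enforced quotas), shown as an added example that is not part of the original post. It assumes the proxy is Squid writing its default native access.log format; the sample lines, the 400,000-byte limit, the UTC day boundary and the function names are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample lines in Squid's native access.log layout:
# time elapsed client action/code bytes method URL ident hierarchy/peer type
SAMPLE_LOG = """\
1104420000.123    210 192.168.1.10 TCP_MISS/200 150000 GET http://example.com/a - DIRECT/192.0.2.10 text/html
1104423600.456     95 192.168.1.10 TCP_HIT/200 350000 GET http://example.com/b.zip - NONE/- application/zip
1104427200.789    120 192.168.1.22 TCP_MISS/200 40000 GET http://example.org/ - DIRECT/192.0.2.20 text/html
1104430800.000      5 192.168.1.22 TCP_DENIED/403 1500 GET http://mail.example.net/ - NONE/- text/html
this line is truncated garbage
1104508800.000    300 192.168.1.10 TCP_MISS/200 20000 GET http://example.com/c - DIRECT/192.0.2.10 text/html
"""


def parse_line(line):
    """Return (day, client, action, bytes), or None if the line is malformed."""
    fields = line.split()
    if len(fields) < 7:
        return None
    try:
        ts = float(fields[0])
        size = int(fields[4])
    except ValueError:
        return None
    day = datetime.fromtimestamp(ts, tz=timezone.utc).date().isoformat()
    action = fields[3].split("/", 1)[0]  # "TCP_MISS/200" -> "TCP_MISS"
    return day, fields[2], action, size


def usage_by_client(log_text):
    """Sum bytes delivered per (day, client); skip requests the proxy denied."""
    totals = defaultdict(int)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec[2] == "TCP_DENIED":
            continue  # a denied request only returns the proxy's error page
        totals[(rec[0], rec[1])] += rec[3]
    return dict(totals)


def over_limit(totals, limit_bytes):
    """List the (day, client) pairs whose total exceeds limit_bytes."""
    return sorted(key for key, used in totals.items() if used > limit_bytes)


if __name__ == "__main__":
    totals = usage_by_client(SAMPLE_LOG)
    print(totals, over_limit(totals, 400_000))
```

This only reports usage after the fact; cutting a client off at the limit would still need the authentication or enforcement the reply describes.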

