Re: Kazaa Block !
From: NeoSadist (neos@dist)
Date: 11/30/02
- Next message: Joseph V. Morris: "Re: Windows XP firewall v Norton Personal Firewall 2003?"
- Previous message: NeoSadist: "Re: Comparisons"
- In reply to: hazard: "Re: Kazaa Block !"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "NeoSadist" <neos@dist> Date: Fri, 29 Nov 2002 19:06:44 -0700
"hazard" <platon@hazard.gr> wrote in message
news:as77rl$l4d$1@ulysses.noc.ntua.gr...
>
> > What the world?
> > Are you the net admin?
> > First off, if this is a work LAN, and you're the admin, uninstall all
> KaZaA
> > from all computers and tell your boss what is going on: that this is a
> mild
> > security breach, but worse, it is a blatant abuse of work computers.
> Then,
> > block all dynamic ports (1024-65535) both in and out, if you're brave,
or
> > just re-setup the firewall to only allow in what you want in: i.e. http,
> > etc. If they don't need to download, you can safely disable ftp. The
> best
> > method is block everything, then only allow what is absolutely needed to
> do
> > their job. Period. No matter how old your users are at work, they will
> > always act like children -- they will try to get away with whatever they
> > can, somehow thinking that their work computer belongs to them. Blame
> > Microsoft for starting the psychology of "MY documents", "MY email", "MY
> > music", etc lol.
> > If this is a home LAN, and these are your children, ground them first,
> then
> > block KaZaA from their computers, using password protection and/or
windows
> > 2000 user priveleges. However, being a home LAN, there's not much you
can
> > do, but security also isn't a big deal, although it should at least be
> > implemented.
> >
>
> It's the lan on the work. I have already blocked everything, perimiting
only
> http and some https they need BUT the newest version of kazza have an
option
> which says that if the client can not connect on the specific port, then
it
> goes over port 80. So, i'm trying to to figure if the client connects
first
> to a kazaa server (which port) and then to the other client to
> download/upload. On the firewall log i found only the rr1.kazaa.com on
port
> 80 which is the first page of kazaa and the the connections to the other
> clients, all in port 80. The solution i provided with the ports 1214 &
3306
> is working but after an hour or so it connects !!
First off, remind the employees that these are not their computers. I don't
know the ports it uses, but block them all, then open only the ones you need
like port 80.
However, it's true that most programs can be reconfigured to use a "blind"
proxy of port 80 with no proxy address.
>
> Even if i uninstall the software, even if i tell it to my boss nothing
will
> happen. It's a software company, everyone here is a programmer or a
> marketing/sales etc man and only one IT person. They believe that the IT
man
> is useless because he doesn't produce something and he doesn't brings
money
> to company. But he is responsible if the secretary pc is full of viruses
and
> trojans, he is responsible if the mouse of another secretary doesn't work
> and other stupid things !!!
> So, i prefer to be the bad guy by blocking the ports/domains and not be
the
> bad guy by uninstalling software and talking to boss.
> Sad but true....
>
Remind them that you keep the company running because you prevent people
from destroying their work that's saved on YOUR computers.
If your boss won't listen and won't curb the employees, start looking for a
job elsewhere. It's not nice to not have any control but then be the one to
get hammered when the company gets hacked. Tell your boss too: that you
don't like being a puppet, which is what you are if you're responsible but
not able to control it.
Also, uninstall the program from the win2k computer, and downgrade
everyone's accounts to restricted user ("User") instead of power user.
Then, go into control panel > administrative tools > local security policy
and browse through it. Disable everyone except you (I can't remember the
setting, but it's in there) from installing programs, and also set the
Unsigned driver and unsigned software rights to Disabled, that way they
can't install almost everything.
Also, be sure to delete their mp3's and krap like that, and clean up the
system registry. It's time consuming, but it can be done.
Also, look at incoming and outgoing web addresses, and block all the file
sharing ones you can find (*.kazaa.com, *.gnutella.com, etc).
I sympathize for you, man. Wish I were on the team. I'm sadistic enough
not to care if people hate me when I hack into their profile and prevent
them from doing just about anything.
OH! Another thing: you can prevent users from running certain programs
(www.regedit.com has the way to do it) by the program name. I'd add
"setup.exe" and whatever the executables are for kazaa to that list. Also,
adding "regedit.exe" to that list will prevent them from hacking into
things.
Also, role play. Pretend you're a dusgruntled, stupid employee, and go find
information on the net on how to hack through corporate security to use
Kazaa and other things. The info should be out there. This is like
"counter-security" stuff.
- Next message: Joseph V. Morris: "Re: Windows XP firewall v Norton Personal Firewall 2003?"
- Previous message: NeoSadist: "Re: Comparisons"
- In reply to: hazard: "Re: Kazaa Block !"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
