Re: Kazaa Block !
From: mark henderson (markch@charter.net)
Date: 11/30/02
- Next message: Alexander Delarge: "Re: Black Ice or Zone Alarm?"
- Previous message: Mimic: "Re: A Royal Name"
- Next in thread: NeoSadist: "Re: Kazaa Block !"
- Reply: NeoSadist: "Re: Kazaa Block !"
- Maybe reply: Lars: "Re: Kazaa Block !"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "mark henderson" <markch@charter.net> Date: Sat, 30 Nov 2002 17:01:36 -0500
Thanks for your interesting posts neosadist. I like your attitude.
mch
"NeoSadist" <neos@dist> wrote in message
news:uug79l35lgp74@corp.supernews.com...
>
> "hazard" <platon@hazard.gr> wrote in message
> news:as77rl$l4d$1@ulysses.noc.ntua.gr...
> >
> > > What the world?
> > > Are you the net admin?
> > > First off, if this is a work LAN, and you're the admin, uninstall all
> > KaZaA
> > > from all computers and tell your boss what is going on: that this is a
> > mild
> > > security breach, but worse, it is a blatant abuse of work computers.
> > Then,
> > > block all dynamic ports (1024-65535) both in and out, if you're brave,
> or
> > > just re-setup the firewall to only allow in what you want in: i.e.
http,
> > > etc. If they don't need to download, you can safely disable ftp. The
> > best
> > > method is block everything, then only allow what is absolutely needed
to
> > do
> > > their job. Period. No matter how old your users are at work, they
will
> > > always act like children -- they will try to get away with whatever
they
> > > can, somehow thinking that their work computer belongs to them. Blame
> > > Microsoft for starting the psychology of "MY documents", "MY email",
"MY
> > > music", etc lol.
> > > If this is a home LAN, and these are your children, ground them first,
> > then
> > > block KaZaA from their computers, using password protection and/or
> windows
> > > 2000 user priveleges. However, being a home LAN, there's not much you
> can
> > > do, but security also isn't a big deal, although it should at least be
> > > implemented.
> > >
> >
> > It's the lan on the work. I have already blocked everything, perimiting
> only
> > http and some https they need BUT the newest version of kazza have an
> option
> > which says that if the client can not connect on the specific port, then
> it
> > goes over port 80. So, i'm trying to to figure if the client connects
> first
> > to a kazaa server (which port) and then to the other client to
> > download/upload. On the firewall log i found only the rr1.kazaa.com on
> port
> > 80 which is the first page of kazaa and the the connections to the other
> > clients, all in port 80. The solution i provided with the ports 1214 &
> 3306
> > is working but after an hour or so it connects !!
>
> First off, remind the employees that these are not their computers. I
don't
> know the ports it uses, but block them all, then open only the ones you
need
> like port 80.
> However, it's true that most programs can be reconfigured to use a "blind"
> proxy of port 80 with no proxy address.
>
>
> >
> > Even if i uninstall the software, even if i tell it to my boss nothing
> will
> > happen. It's a software company, everyone here is a programmer or a
> > marketing/sales etc man and only one IT person. They believe that the IT
> man
> > is useless because he doesn't produce something and he doesn't brings
> money
> > to company. But he is responsible if the secretary pc is full of viruses
> and
> > trojans, he is responsible if the mouse of another secretary doesn't
work
> > and other stupid things !!!
> > So, i prefer to be the bad guy by blocking the ports/domains and not be
> the
> > bad guy by uninstalling software and talking to boss.
> > Sad but true....
> >
>
> Remind them that you keep the company running because you prevent people
> from destroying their work that's saved on YOUR computers.
> If your boss won't listen and won't curb the employees, start looking for
a
> job elsewhere. It's not nice to not have any control but then be the one
to
> get hammered when the company gets hacked. Tell your boss too: that you
> don't like being a puppet, which is what you are if you're responsible but
> not able to control it.
> Also, uninstall the program from the win2k computer, and downgrade
> everyone's accounts to restricted user ("User") instead of power user.
> Then, go into control panel > administrative tools > local security policy
> and browse through it. Disable everyone except you (I can't remember the
> setting, but it's in there) from installing programs, and also set the
> Unsigned driver and unsigned software rights to Disabled, that way they
> can't install almost everything.
> Also, be sure to delete their mp3's and krap like that, and clean up the
> system registry. It's time consuming, but it can be done.
> Also, look at incoming and outgoing web addresses, and block all the file
> sharing ones you can find (*.kazaa.com, *.gnutella.com, etc).
> I sympathize for you, man. Wish I were on the team. I'm sadistic enough
> not to care if people hate me when I hack into their profile and prevent
> them from doing just about anything.
> OH! Another thing: you can prevent users from running certain programs
> (www.regedit.com has the way to do it) by the program name. I'd add
> "setup.exe" and whatever the executables are for kazaa to that list.
Also,
> adding "regedit.exe" to that list will prevent them from hacking into
> things.
> Also, role play. Pretend you're a dusgruntled, stupid employee, and go
find
> information on the net on how to hack through corporate security to use
> Kazaa and other things. The info should be out there. This is like
> "counter-security" stuff.
>
>
- Next message: Alexander Delarge: "Re: Black Ice or Zone Alarm?"
- Previous message: Mimic: "Re: A Royal Name"
- Next in thread: NeoSadist: "Re: Kazaa Block !"
- Reply: NeoSadist: "Re: Kazaa Block !"
- Maybe reply: Lars: "Re: Kazaa Block !"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
