Date: Tue, 21 Jan 2003 16:17:07 -0600 From: Kirk Strauser <kirk@strauser.com> To: freebsd-questions@freebsd.org Subject: Re: IPFW, blocking IM servers Message-ID: <87hec2jggs.fsf@pooh.honeypot.net> In-Reply-To: <34651.63.104.35.130.1043185192.squirrel@email.polands.org> ("Doug Poland"'s message of "Tue, 21 Jan 2003 15:39:52 -0600 (CST)") References: <34651.63.104.35.130.1043185192.squirrel@email.polands.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--=-=-= Content-Transfer-Encoding: quoted-printable At 2003-01-21T21:39:52Z, "Doug Poland" <doug@polands.org> writes: > Sorry for this slightly off-topic post... Is there a comprehensive list > of IM servers (names, IPs) available? I'd like to block IM servers from > certain users on my network. No, nor will there be one. Anyone with a server can set up Jabber on any port they want. > From what I've gathered on google, the only effective stragegy is to use > firewall (in my case, IPFW) rules to block IP's, names. OK, first, this is really more of an administrative issue than a technical one. Tell your employees that if they IM for non-work issues (and that IM is logged, whether it is or not), then they are fired. Get your boss to back you. Then, it's not *your* problem if people are wasting their time at work. Second, the only reasonable way to do this is to block *everything* except traffic you want to allow. No client machine needs direct Internet access to send email - make them use a smarthost. Force all machines to surf the web via a Squid proxy, and only let that machine connect out on port 80. Either way is going to piss off a lot of people, so decide in advance which one you can live with. :) =2D-=20 Kirk Strauser In Googlis non est, ergo non est. --=-=-= Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQA+Lcbm5sRg+Y0CpvERAsLCAJ9wHsQrG6MZ1o46WfsSFT1nQXsKlQCfXKzN ovvJIlwWb+8WgdGBCEq1J/I= =8ZiX -----END PGP SIGNATURE----- --=-=-=-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87hec2jggs.fsf>