Solved

Internet misusage

Posted on 2004-08-31
7
403 Views
Last Modified: 2008-03-10
Using Web Spy we monitoring our organizational web usage.  We use BT ISA filter for most content blocking and block all incoming ports except 80, 443 and 25.  The problem is everyday it seems users are able to find new some new chat mechanism.  The latest was phonefox and e-messenger.net.  Chatting is in clear violation of policy.  All users have signed computer user agreements.  Short of sending out termination letters to every employee that violates policy is there another way to win the battle of these port 80 chatters?
0
Comment
Question by:nikkgilbert
7 Comments
 
LVL 44

Expert Comment

by:CrazyOne
ID: 11939949
Port 80 is somewhat univeral. IE needs it. Ummm if you are going to curtail chat useage then use cameras to look each individual person or a key logger.

***Edited Comment-WesLennon - By Request***
0
 
LVL 5

Expert Comment

by:webtrans
ID: 11939993
try this product
should very much help
http://www.akonix.com/products/l7_isa.asp
0
 

Author Comment

by:nikkgilbert
ID: 11940002
Perhaps I should have been a little bit more detailed.  As my organization is a US military base outside the US.  Its a security risk, plain and simple to answer your second comment.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 5

Accepted Solution

by:
webtrans earned 250 total points
ID: 11940022
well best practice would be
1-installing the Content filtering Plugin
2-watching up on the website vistied traffic report on a daily basis and adding as u walk through
other than that i see u have a very limited way of handling it

OR

u can close all sites through the CF plugin to ISA
and ask them to ask u on a one by one basis to open needed websites for there work
:D
that should pretty much do it i guess

0
 
LVL 6

Expert Comment

by:bloemkool1980
ID: 11940122
Perhaps I should have been a little bit more detailed.  As my organization is a US military base outside the US.  Its a security risk, plain and simple to answer your second comment.
By saying this you disclosed probably more than your users did.
If you like to restrict any chat thing use a url filter such as websense. Disabled the CONNECT method of your proxy. If you like a very restrictive approach you should create a whitelist which are the only websites that are allowed.
0
 
LVL 4

Expert Comment

by:gemchest
ID: 11940127
Hi nikkgibert,

To be frank it's very hard to curtail port 80 chat problem. Of course, you can do a complete filtering by installing plug-in. However that might (or might not) slow down all the connections considerably and will be using huge resources to do so. As an millitary organisation i suggest you should educate your employees and instill strict discipline on the way they handle the systems. It's a millitary organisation after all and if it requires such strict security clearance (no chatting programs) then I really think the most effective way is to educate your men.


regards,
Luis
0
 
LVL 6

Expert Comment

by:bloemkool1980
ID: 11940181
for such a question there is no straight forward technical answer.
The only thing you can do is like said before
URL filter or create a whitelist.
Disable Connect method. on your proxy
And this is civilian life we are free to express our opinions sorry m8
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
OWASP ZAP get started 3 73
Virus Kronos 4 67
iOS and Managed domains 2 56
Getting EventID 4625 logon failures 18 81
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now