NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] [fw-1] Instant Messenger bypass FW-1



Well said!!!

-----Original Message-----
From: Joe Pampel [mailto:[email protected]]
Sent: Thursday, June 13, 2002 6:33 AM
To: [email protected]
Subject: Re: [FW-1] [fw-1] Instant Messenger bypass FW-1


one view of the world...

Our environment is very demanding (Wall St) and so we have taken great pains
to create a
stable build for our workstations. They run for months w/o a reboot which
I'm very
happy about.. From the POV of keeping the machines "flat" as well as
security everyone
knows not to DL anything. The net result of this is that our staff works
efficiently and without
the frustration of machine instability and reboots.

If folks want/need something extra on their desktops that will help them
out, they
can always come and ask. There is no reason IMHO for end users to be
installing stuff
ad hoc on their workstations. They need to understand that. Everyone here
does, and it's
not a "control freak" or "keep them down" thing.. it's simply letting each
group of people
do the best job they can and trusting one another. Everyone is cool about
it. I don't
know if it would hold up at a big firm (we're small, <100) but explaining
what's up to
everyone rather than just putting in dracronian rules and sending out a memo
stating
"because I said so".. has worked well.

Bottom line for me is that the box belongs to the firm, with everything on
it. Part of my job
is deciding what goes on it. I am paid for my "expertise" (such as it is!)
in assessing what
products will work well together, be secure, and most importantly - solve
our business problem.
I use a lot of end user input/feedback to determine the last bit so it is as
participative as possible.

I don't play with the accounting rules or dabble in marketing..  Why would
someone without the expertise need to alter a machine that our IT dept has
spec'd and built, and potentially put others in the firm
at risk?


>>> James Edwards <[email protected]> 06/12/02 04:38PM >>>
We are in the process of changing operating systems on all our PCs and I am
going to seriously attempt to just block my users from installing software
on their PCs.  The theory being of course that if they can't install
anything, they can't put IM clients or any of the other various and sundry
useless, time wasting, PC eating garbage they are so fond of.  I just wonder
if anyone else has managed this and how effective it has been.

Jim Edwards

-----Original Message-----
From: Rocky Stefano [mailto:[email protected]]
Sent: Wednesday, June 12, 2002 9:43 AM
To: [email protected]
Subject: Re: [FW-1] [fw-1] Instant Messenger bypass FW-1


This has long been a known problem. Its not a vulnerability with any
firewall. There are several methods available to stop IM's from getting out
of your network.

-----Original Message-----
From: A, Kaustubh [mailto:[email protected]]
Sent: June 12, 2002 9:05 AM
To: [email protected]
Subject: [FW-1] [fw-1] Instant Messenger bypass FW-1


Folks,

I came to know about an article of Gartner saying that their are some IM
bypassing Firewall by scanning open ports.
Has anybody tested this CP FW-1 NG? I am afraid if this is a problem with
FW-1!!!


 Firewall Bypass Technology


 AOL's Instant Messenger has a uniquely slippery client that is
 designed to bypass firewall port blocking technology, making the
 product easy to configure from behind a firewall. For example, the
 AOL client will use any available port, scanning even those reserved
 for domain naming system (DNS) lookup. This technology enables
 unsophisticated users to sneak past a firewall with relative ease,
 effectively establishing breaches in the corporate firewall.




Kaustubh A.
Technical Consultant
HP Services
----------------------------------------------------------------------------
-------
101-105 Enterprise Center, CTS#55 Off Neharu Road,
Vile Parle (East) Mumbai 400099.
*+91 (0) 22.616.7331 *GSM:*:   [email protected]
URL:  http://www.ho.com/in
----------------------------------------------------------------------------
-------

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================


**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.

www.mimesweeper.com
**********************************************************************

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================


**********************************************************************
This email and any attachments are confidential. They may contain privileged
information and are intended for the named addressee (s) only. They must not
be distributed without our consent. If you are not the intended recipient, please
notify us immediately and do not disclose, distribute, or retain this email or any
part of it. Unless expressly stated, opinions in this email are those of the
individule sender, and not of SG. We believe but do not warrant
that this e-mail and the attachment are virus free. You must therefore take full
responsibility for virus checking. SG and its subsidiaries reserve
the right to monitor all email communications through their networks
**********************************************************************

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.