OBonio | 11:29 Fri 19th Aug 2005
How would you lock down your network to stop people from using the internet unproductively during work time?

I've said that I could probably get round a lot of lockdowns. Now some network admins will deny that ANYONE can get round their measures. This is due to overconfidence usually. Prove me wrong.


No.  Stop being a slave driver.

Question Author
? Not sure I get you. This is a purely hypothetical question brought on by georgit's question below and someone's claim to be running a 100% secure network.
Well, one way would be to ban internet usage completely. Some businesses do this - I attended a course with some people from the Serious Crime Squad and none of them had internet access on their work PCs. If they needed to access a website they had to use a special terminal that wasn't on the business network.
Depends on budget, amount of hosts, etc, but products ranging from SurfControl to MS ISA Server can do the trick.
Question Author
You can have all the budget in the world with the best software, but if they aren't configured properly... What I was after was more in depth detail on how a net admin would, for instance, block an ssh tunnel.

I agree, with all the money if the applications are not configured properly, networks can still be vulnerable. However, I would have thought that a Net Admin would have taken the time to use the apps properly before implementing - considering the investment. ISA and SurfControl can and will do the trick - certainly have done in my corp.

Another thing, not so sure about a network being 100% secure. As long as there are "users" using the LAN etc. it will not be completely secure, e.g. password sharing, USB drives etc. - just my opinion, but that is why they employ Net and Sys Admins, partly.

Use a Firewall and block traffic for browser programs. That stops everything.

Cheat by using the "Allowed sites" options in parental control sections of many Security Suites like Norton and McAfee.

Alternatively, adopt a positive Human Resources policy, display trust in the employees and be amazed at how overall productivity might increase. Bored, unhappy workers seek amusement; motivated workers, work!
Question Author
>> Use a Firewall and block traffic for browser programs. That stops everything.

It does? I was under the impression web browsers generally used port 80 (http) and port 443 (https)... AIM etc use different ports than this ... The ssh tunnel I mentioned above could use any port....

