Re: httport 3snf

[Paul Robertson <proberts () patriot net>]

On Tue, 22 Oct 2002, Duncan wrote:

>     And then; you should not even have to block all (IM, AIM, ....) access, only
> monitor
>     access for those that are not in compliance with the policy.

I used to think this.  I've done enough abuse investigations, and looked 
at enough places now that I think that stopping the casual abusers makes 
the case stronger, and means that abusers have to purposefully not only 
abuse, but actively do so.

Showing malice up front makes the abuser much easier to apply corrective 
action to.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts () patriot net      which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation


***********************************************************************
This message is intended only for the use of the intended recipient and
may contain information that is PRIVILEGED and/or CONFIDENTIAL.  If you
are not the intended recipient, you are hereby notified that any use,
dissemination, disclosure or copying of this communication is strictly
prohibited.  If you have received this communication in error, please
destroy all copies of this message and its attachments and notify us
immediately.
***********************************************************************

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards