Re: Blocking Music Sharing.

["james" <hackerwacker () cybermesa com>]

:I think the key here is a strong enforceable communicated policy and then identifying the traffic and addressing the
user. I would go with an IDS (Snort is a  good :choice to IDENTIFY as you can easily write the sigs). Now granted Snort
could pick it up on different ports depending on what it was looking for, however you need to think about tunneled
connections via ssh and ssl. A good client inventory app seems to be the best way to catch these... Ahhh big brother and
his tools.
:
: Regards,
: ---------------------
: Jared Bergeron
: Systems Analyst / E-Security
: XEROX Office Printing Business
:


I have always felt that solving personnel problems with firewalls is a really poor use of time and hardware.
Admin will end up chasing this all the time as the P2P technology changes. Far better to run an IDS
and log the offenders, the let HR take care of this.

James Edwards
Routing and Security Administrator
jamesh () cybermesa com
At the Santa Fe Office: Internet at Cyber Mesa
Store hours: 9-6 Monday through Friday
Phone support 365 days till 10 pm via the Santa Fe office:
505-988-9200 or Toll Free: 888-988-2700


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html