| #1 | |
|
|
OT: Numpty in the office
.........didn't look to happy yesterday when he came in and realised that the p2p was now blocked and he couldn't get his daily diet of porn. Gutted. Job done. And users screaming of pcs networking apps coming to a halt has also diminished. Also firewalled several sites so users can't DIRECTLY get to the commercial sites with the p2p stuff on even though others are likely to host downloads of them of varying versions. U all network safely, now  )Tone |
| #2 | |
|
|
Re: Numpty in the office
"TonyF" <v8rocks2003@yahoo-remove.co.uk> wrote in message
news:10eq1a5juhslh8f@corp.supernews.com... > > ........didn't look to happy yesterday when he came in and realised that the > p2p was now blocked and he couldn't get his daily diet of porn. Gutted. > > Job done. And users screaming of pcs networking apps coming to a halt has > also diminished. > > Also firewalled several sites so users can't DIRECTLY get to the commercial > sites with the p2p stuff on even though others are likely to host downloads > of them of varying versions. Wouldn't Mamma be proud. -- Sorby |
| #3 | |
|
|
Re: OT: Numpty in the office
TonyF left a note on my windscreen which said:
> ........didn't look to happy yesterday when he came in and realised that the > p2p was now blocked and he couldn't get his daily diet of porn. Gutted. Well batted, sir. > Job done. And users screaming of pcs networking apps coming to a halt has > also diminished. > Also firewalled several sites so users can't DIRECTLY get to the commercial > sites with the p2p stuff on even though others are likely to host downloads > of them of varying versions. So did u do it all on the firewall in the end by port blocking or did you figure something out on the router side of things? -- Stoneskin [Insert sig text here] |
| #4 | |
|
|
Re: Numpty in the office
"Sorby" <Sorby@hotmail.com> wrote in message news:2l4g24F8hsqfU1@uni-berlin.de... > "TonyF" <v8rocks2003@yahoo-remove.co.uk> wrote in message > news:10eq1a5juhslh8f@corp.supernews.com... >> >> ........didn't look to happy yesterday when he came in and realised that > the >> p2p was now blocked and he couldn't get his daily diet of porn. Gutted. >> >> Job done. And users screaming of pcs networking apps coming to a halt has >> also diminished. >> >> Also firewalled several sites so users can't DIRECTLY get to the > commercial >> sites with the p2p stuff on even though others are likely to host > downloads >> of them of varying versions. > > Wouldn't Mamma be proud. > > -- > Sorby > > you wanna try working here. users arent even allowed to check their personal e-mail at lunch time. If its not absolutely work related, its blocked. p2p simply cant be run. All very heavy handed. Fortunately, a couple of ip addresses are allowed to access the net without going through the proxy. Being in the IT dept, it just so happens that i have one of them. Means i get to waste my time being in the newsgroups. Oist CBF600 |
| #5 | |
|
|
Re: OT: Numpty in the office
"Stoneskin" <no@thanks.com> wrote in message news:MPG.1b57295ffe9817279898be@news.individual.ne t... > So did u do it all on the firewall in the end by port blocking or did > you figure something out on the router side of things? Purely by blocking ports and rather than worrying about damage it might do to other clients, set up specific rules for his single machine (fixed IP) that is constantly in the office (hence likely to be abused more than his laptop) I think the ones that broke the camel were 411 on TCP, 412 UDP and 420 TCP. Im not too bothered about it breaking his machine, if he moans then fine. I tested it and it came up with a nice cannot connect message every time you fire that client up. Lesson is not to harvest porn on ones work machine innit. I also blanket banned certain IPs from being accessed across the whole internal network outgoing. eg kazaalite various websites. So no one should even download it at least not from the main site anyway. I will keep using net conn anyway to keep a monitor of connections to check its not abused. I have learned 100% more about firewalling than I knew 2 days ago. And thanks for helping with that. Tone |
| #6 | |
|
|
Re: Numpty in the office
"James Austin" <givememychoice@yahoo.com> wrote in message
news:10eq8doi4tle44f@corp.supernews.com... > you wanna try working here. users arent even allowed to check their personal > e-mail at lunch time. If its not absolutely work related, its blocked. p2p > simply cant be run. All very heavy handed. Fortunately, a couple of ip > addresses are allowed to access the net without going through the proxy. > Being in the IT dept, it just so happens that i have one of them. Means i > get to waste my time being in the newsgroups. > > Oist > CBF600 Dont get me wrong im not against personal use completely, especially when you cant get out the office with it being so busy and needing to monitor personal email etc or place orders, but when someone uses up the whole bandwidth leaving users screaming thats f-ing out of order and demands retribution. Its not what the office network is there for, guv. Tony |
| #7 | |
|
|
Re: Numpty in the office
TonyF wrote:
> > Dont get me wrong im not against personal use completely, especially > when you cant get out the office with it being so busy and needing to > monitor personal email etc or place orders, > but when someone uses up the whole bandwidth leaving users screaming > thats f-ing out of order and > demands retribution. Its not what the office network is there for, > guv. "Retribution" - strange choice of word. |
| #8 | |
|
|
Re: OT: Numpty in the office
TonyF wrote:
> I tested it and it came up with a nice cannot connect message every > time you fire that client up. > Lesson is not to harvest porn on ones work machine innit. > I also blanket banned certain IPs from being accessed across the whole > internal network outgoing. eg kazaalite various websites. > So no one should even download it at least not from the main site > anyway. And yet, here you are, posting away to a newsgroup. |
| #9 | |
|
|
Re: OT: Numpty in the office
TonyF left a note on my windscreen which said:
> I also blanket banned certain IPs from being accessed across the whole > internal network outgoing. eg kazaalite various websites. > So no one should even download it at least not from the main site anyway. You may or may not already have these sites but some popular emule sites are; www.shareconnector.com www.sharereactor.com www.shareprovider.com HTH -- Stoneskin [Insert sig text here] |
| #10 | |
|
|
Re: OT: Numpty in the office
"dwb" <parc_erom@crossdata.co.uk> wrote in message
news:2l4r7tF8gsatU1@uni-berlin.de... > TonyF wrote: > > > I tested it and it came up with a nice cannot connect message every > > time you fire that client up. > > Lesson is not to harvest porn on ones work machine innit. > > I also blanket banned certain IPs from being accessed across the whole > > internal network outgoing. eg kazaalite various websites. > > So no one should even download it at least not from the main site > > anyway. > > And yet, here you are, posting away to a newsgroup. Erm yeah and your point? Its work related aint it. Tony |
| #11 | |
|
|
Re: OT: Numpty in the office
"Switters" <me@privacy.net> wrote in message >
> > I think the ones that broke the camel were 411 on TCP, 412 UDP and 420 > > TCP. > > So you have a default permit policy? I guess that would mean yes. Outgoing anyway, well I expect that is in order to ensure that you can get to all websites etc. Hell, I never set it up or even profess to be any good at this. I'm just trying to help. Tony |
| #12 | |
|
|
Re: OT: Numpty in the office
On Thu, 08 Jul 2004 14:19:45 GMT, "TonyF"
<v8rocks2003@yahoo-remove.co.uk> allegedly wrote: > "Switters" <me@privacy.net> wrote in message > >> > I think the ones that broke the camel were 411 on TCP, 412 UDP and >> > 420 TCP. >> >> So you have a default permit policy? > > I guess that would mean yes. Outgoing anyway, well I expect that is in > order to ensure that you can get to all websites etc. Screw em, they don't need *all* websites. 80 & 443 should be all you need below 1024. Then you might want 8000-8500 just for those noddy extras... depends on how mean/nice you want to be. > Hell, I never set it up or even profess to be any good at this. > I'm just trying to help. Tch, typical, they just dump it on some poor bastard that doesn't have a clue and guess who gets the bollocking when it goes tits up? |
| #13 | |
|
|
Re: OT: Numpty in the office
"Stoneskin" <no@thanks.com> wrote in message
> You may or may not already have these sites but some popular emule sites > are; > > www.shareconnector.com > www.sharereactor.com > www.shareprovider.com > > HTH > -- > Stoneskin Cheers Dude. Tone |
| #14 | |
|
|
Re: Numpty in the office
> Dont get me wrong im not against personal use completely, especially when > you cant get out the office with it being so busy and needing to monitor > personal email etc or place orders, > but when someone uses up the whole bandwidth leaving users screaming thats > f-ing out of order and > demands retribution. Its not what the office network is there for, guv. > > Tony > > I agree. Fortunately we are a smallish company (150 users) and most dont access the net much at all. I have twice been guilty of causing disruption (once for winxp sp2 and one for a linux distro)...but our isp is that dedicated to us that they actually phoned up to see if everything was ok, as bandwidth had been utilised to the max for a reasonable period of time. Oist CBF600 |
| #15 | |
|
|
Re: OT: Numpty in the office
On Thu, 08 Jul 2004 11:40:33 GMT, "TonyF"
<v8rocks2003@yahoo-remove.co.uk> allegedly wrote: > I think the ones that broke the camel were 411 on TCP, 412 UDP and 420 > TCP. So you have a default permit policy? |
