Security Basics mailing list archives
Re: N00b Question
From: jayson.agagnier () aero bombardier com
Date: Wed, 5 Jan 2005 14:22:34 -0500
Ahh...info. sec. people never get a break do we? ;-)

SQUID Proxy will do just what you're looking for and much more. :)

We have several squid proxies in place in a HA load balanced setup with over 10,000 users going through it. All major webmail sites are blocked, based on host, domain and IP address. We also have blocked all web messenger apps, as well as standard client apps, i.e. Yahoo!, MSN, ICQ, AOL, again based on destination host, domain and IP address.

In addition, we use squid to limit certain sites that are not business related, but users might want to use, such as news, sports, banking, etc. to a limit of 1 hour per day. That way people can do their banking, etc. on break or lunch time, but they can not waste their entire day on the web. Squid also lets you set up exceptions; some people may need to be on news sites all day since that is their job.

All users have to authenticate to the proxy, and weekly usage reports are generated by user id, listing who used it the most in terms of volume and connection time.

SQUID is extremely flexible and should serve your purpose quite well.

Good luck & Happy New Year! :)

Jayson Agagnier, CISSP, CISA
Sr. Information Security Analyst
Bombardier Aerospace

Various people from <security-basics () security-focus com> wrote:
I believe this can be done with SQUID PROXY [http://www.squid-cache.org/].
Never set it up, but I have looked into it. Can any other list members please verify?
The problem with MSN/Yahoo! chat programs is that they can be configured to use the same port as web browsing (80), therefore the best solution is to not let them install the programs in the first place.
[SNIP]
I am very new to the firewall and network security world. I have a situation wherein I need to block web-based email access and the ability to upload attachments to web-based email. I also need to ensure that MSN/Yahoo chat is disabled and quotas are established for web surfing. Is there an Open Source solution to this problem? The network comprises Cisco Routers and 500 series firewalls.
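The per-user usage report mentioned in the reply above (volume and connection time by user id) can be derived from the proxy's access log. The following is an added example, not part of the original post and not the poster's own tooling: it assumes Squid's native access.log format with the authenticated user name in the eighth field, and the log lines, user names and blocked domains are constructed for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample in Squid's native access.log format:
# time elapsed_ms client result/status bytes method URL user hierarchy type
SAMPLE_LOG = """\
1104937200.101   850 10.0.0.11 TCP_MISS/200 48213 GET http://news.example.com/ alice DIRECT/203.0.113.10 text/html
1104937260.440  1200 10.0.0.11 TCP_MISS/200 910332 GET http://news.example.com/video alice DIRECT/203.0.113.10 video/mpeg
1104937300.007     3 10.0.0.12 TCP_DENIED/403 1450 GET http://webmail.example.net/inbox bob NONE/- text/html
1104937320.550     2 10.0.0.12 TCP_DENIED/403 1450 CONNECT im.example.org:443 bob NONE/- text/html
1104937400.900   400 10.0.0.12 TCP_HIT/200 5120 GET http://intranet.example.com/ bob NONE/- text/html
1104937500.000     1 10.0.0.13 TCP_DENIED/407 1800 GET http://news.example.com/ - NONE/- text/html
"""

# Hypothetical block list; a leading dot matches the domain and its
# subdomains, as in a Squid dstdomain ACL.
BLOCKED = [".webmail.example.net", ".im.example.org"]

def host_of(method, url):
    """CONNECT lines log host:port; other methods log a full URL."""
    if method == "CONNECT":
        return url.rsplit(":", 1)[0].lower()
    return (urlsplit(url).hostname or "").lower()

def is_blocked(host, patterns=BLOCKED):
    for p in patterns:
        if p.startswith("."):
            if host == p[1:] or host.endswith(p):
                return True
        elif host == p:
            return True
    return False

def usage_report(log_text):
    """Per-user totals: bytes, elapsed ms, denied hits on blocked hosts."""
    stats = defaultdict(lambda: {"bytes": 0, "elapsed_ms": 0, "blocked_hits": 0})
    for line in log_text.splitlines():
        f = line.split()
        if len(f) < 10 or f[7] == "-":      # malformed or unauthenticated
            continue
        user, result = f[7], f[3]
        if result.startswith("TCP_DENIED"):
            if is_blocked(host_of(f[5], f[6])):
                stats[user]["blocked_hits"] += 1
            continue                         # denied traffic is not usage
        stats[user]["bytes"] += int(f[4])
        stats[user]["elapsed_ms"] += int(f[1])
    # Heaviest users by volume first
    return sorted(stats.items(), key=lambda kv: kv[1]["bytes"], reverse=True)
```

The elapsed field is per-request transfer time, so the summed value is a lower bound on time spent browsing rather than a wall-clock session length.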