|
Firewall Wizards
mailing list archives
Re: Blocking Google Talk
From: "Paul D. Robertson" <paul () compuwar net>
Date: Mon, 19 Jun 2006 19:55:05 -0400 (EDT)
Wait.... isn't that "security through obscurity"? What prevents the user
from using:
216.239.37.125 talk.google.com
in his hosts file? You are telling me that Google recommends attempting
to foil a resolver by returning bogus entries as an attempt to prohibit
Google Talk traffic in a network? Is that the new Status Quo of Internet
giants, giving stupid "un-security" advice like that?
Excuse me while I wipe the coffee off my screen and keyboard...
It's a reasonable first step. If the user has the ability to modify their
resolver configuration, then that may be a bigger issue than running a
chat client. After all, what's to stop the user from using an SSL tunnel
to a proxy server somewhere on the Internet? DNS tunnel? SSH tunnel...
The answer given is enough to enforce the policy from casual abusers,
which is really the goal of most protective policy measures. An active
and determined abuser needs to be held to a higher standard of account
than someone who clicked on a link on a Web page.
Once you've gotten to the circumvention stage, you're in the "removed
permanently from the network" category of users who deserves termination.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
paul () compuwar net which may have no basis whatsoever in fact."
http://fora.compuwar.net Infosec discussion boards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
 By Date 
By Thread
Current thread:
- Re: Blocking Google Talk, (continued)
- Re: Blocking Google Talk Paul D. Robertson (Jun 19)
|
Intro
