Joseph S D Yao wrote: > > > During the past two days, both of these firewalls became "maxed" out, for > > lack of a better term. Specifically, both machines had reached their > > maxtask limits and could no longer fork any new processes. A check of the > > systems revealed very large numbers of HTTP connections from individual > > internal client workstations. > > > > Does anyone know of some "new" browser plug-in or service pack which could > > be responsible for this ?? ... > > Tell your users to keep JavaScript turned off when browsing the > publicly accessible Internet, especially when browsing their porn > sites. ;-} We had noticed in our firewall logs that some users > visiting sites meriting reprimand had all of a sudden blossomed dozens > within seconds. We also found out why. > > Also, make sure that your users have internal domains in their > Exceptions or No-Proxy lists. Otherwise, all attempts to hit internal > Web sites will be mediated by the Web proxy. ... which reminds me of a very useful tool: go to http://www.junkbuster.com and have a look. we are using a chain of proxies, squid - junkbuster - tis kits' http-gw to "bust junk out of our users' life" (including, porn, java[script], ads,...) turning of things is quite easy - turning on desired content might cause you to give it a thought or two ;-) hth Hannes -- Johann Georg Hautzinger, email: tremaat_private, Tel.: 531 00 1907 Erste Bank AG - OE 0423 - Orga./Entw. Treasury u. Orga.Wertpapier Boersegasse 14, 1010 Wien http://treasury.erstebank.at
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:43:46 PDT