-----BEGIN PGP SIGNED MESSAGE----- nuqneH, Robert Graham <robert_david_grahamat_private> said : > I mean, with a firewall you've already pre-DoSed your users: you deny them full > access to the Internet. How many users can get IRC, ICQ, or even RealAudio > through the firewall? How many of your users are complaining they can't > traceroute through your firewall? You've already denied them that service. Hmm, my users can do all that, though i feel unhappy somehow about ICQ - and i am not willing to write a proxy for it just to do not provide false sense of security.. simple relay program passes UDP packets to and from ICQ server, that's all i have (yes, i know it leaks internal addressing info, but THEY do not let me to deny the damn thing completely) Using "personal firewall" thingies like AtGuard on Weendoze workstations as complemetary measure in addition to "main" firewall is probably a good idea also.. _ _ _ _ _ _ _ {::} {::} {::} CU in Hell _| o |_ | | _|| | / _||_| |_ |_ |_ (##) (##) (##) /Arkan#iD |_ o _||_| _||_| / _| | o |_||_||_| [||] [||] [||] Do i believe in Bible? Hell,man,i've seen one! -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: noconv iQCVAwUBOKvYAKH/mIJW9LeBAQEB2gP8DaoaMbfAA6Ylm0USrEYRXpXmaU32mKMO gMlSwNWhdFNOZcEwreGC5Di78NO6NjKwIriQLg+zw5irjwEPrOxAxP/QqHieGf71 4Ntq4bN69enCNonN7M4LmRZ+Ds6nBbGzbZ5mhR78jCaQ5owX+eMAmHJxW6QMLgDC UyP9RXK6ww8= =N4wm -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:04:43 PDT