I can tell you as an IT prof in a large corporation, the only solution we had
was to make it a policy that users could not do this. There was no way to
physically prevent web-based mail. You could block access to the hotmail.com,
mail.yahoo.com and such, but there are other free webmail services. As for
chatting, as was mentioned this can be done at the port level.
--
<<JAV>>
---------- Original Message -----------
From: Idol Crash <idolcrash@gmail.com>
To: harshal.dedhia@skybird-travel.com
Cc: security-basics@securityfocus.com
Sent: Thu, 30 Dec 2004 15:45:36 -0500
Subject: Re: N00b Question
AFAIK, I think that the only way to block web-based e-mail would be
through a proxy or host file, as to block it through a firewall, one
would have to block port 80, used for all web viewing, which isn't
very practical. For MSN and Yahoo chat, you'd have to find the ports
for which they are typically used and block them (I don't know them
off the top of my head), and prevent users from installing said
applications.
Good luck, and I hope this was helpful.
On Thu, 30 Dec 2004 11:41:51 -0500, Harshal Dedhia
<harshal.dedhia@skybird-travel.com> wrote:
Hi,
I am very new to the firewall and network security world. I have a
situation wherein I need to block webbased email access and the ability
to upload attachments to web-based email. I also need to ensure that
MSN/yahoo chat is disabled and quotas are established for web surfing.
Is there an Open Source solution to this problem. The network comprises
Cisco Routers and 500 series firewalls.
Cheers!
Harshal
------- End of Original Message -------
