A customer of mine is having an issue with employees abusing web access on
two specific systems in the building. I don't want to remove the default
gateway from the TCP/IP since that takes out the system's internet
connectivity altogether so instead I thought of removing execute permissions
from iexplore.exe and firefox.exe for users w/o admin privilege. Is this a
good way to handle the problem? If not, what do you recommend?
Fritz <fritz@dontbite.com> wrote:
> A customer of mine is having an issue with employees abusing web
> access on two specific systems in the building. I don't want to
> remove the default gateway from the TCP/IP since that takes out the
> system's internet connectivity altogether so instead I thought of
> removing execute permissions from iexplore.exe and firefox.exe for
> users w/o admin privilege. Is this a good way to handle the problem?
> If not, what do you recommend?
> Thanks!
No, this isn't the way to go. I'd recommend ISA or another proxy server
product for this.
ISA? I'm not going to implement a new firewall just for that. If anything
I'll just give the machines static IPs and block port 80 at the PIX level.
"Lanwench [MVP - Exchange]"
<lanwench@heybuddy.donotsendme.unsolicitedmailatyahoo.com> wrote in message
news:u$pBst9xHHA.3940@TK2MSFTNGP05.phx.gbl...
> Fritz <fritz@dontbite.com> wrote:
>> A customer of mine is having an issue with employees abusing web
>> access on two specific systems in the building. I don't want to
>> remove the default gateway from the TCP/IP since that takes out the
>> system's internet connectivity altogether so instead I thought of
>> removing execute permissions from iexplore.exe and firefox.exe for
>> users w/o admin privilege. Is this a good way to handle the problem?
>> If not, what do you recommend?
>> Thanks!
>
> No, this isn't the way to go. I'd recommend ISA or another proxy server
> product for this.
>
Fritz <fritz@dontbite.com> wrote:
> ISA? I'm not going to implement a new firewall just for that. If
> anything I'll just give the machines static IPs and block port 80 at
> the PIX level.
OK - but don't forget about all the other ports they could use to get into
trouble.
I'd go with DHCP reservations before static IPs, just to keep them more
manageable.
>
>
> "Lanwench [MVP - Exchange]"
> <lanwench@heybuddy.donotsendme.unsolicitedmailatyahoo.com> wrote in
> message news:u$pBst9xHHA.3940@TK2MSFTNGP05.phx.gbl...
>> Fritz <fritz@dontbite.com> wrote:
>>> A customer of mine is having an issue with employees abusing web
>>> access on two specific systems in the building. I don't want to
>>> remove the default gateway from the TCP/IP since that takes out the
>>> system's internet connectivity altogether so instead I thought of
>>> removing execute permissions from iexplore.exe and firefox.exe for
>>> users w/o admin privilege. Is this a good way to handle the
>>> problem? If not, what do you recommend?
>>> Thanks!
>>
>> No, this isn't the way to go. I'd recommend ISA or another proxy
>> server product for this.
Might sound a bit tame but why not try child protection in Vista, should do
the job OK.
--
Ian
"Fritz" <fritz@dontbite.com> wrote in message
news:ubpFnM9xHHA.140@TK2MSFTNGP02.phx.gbl...
>A customer of mine is having an issue with employees abusing web access on
>two specific systems in the building. I don't want to remove the default
>gateway from the TCP/IP since that takes out the system's internet
>connectivity altogether so instead I thought of removing execute
>permissions from iexplore.exe and firefox.exe for users w/o admin
>privilege. Is this a good way to handle the problem? If not, what do you
>recommend?
>
> Thanks!
>
>
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.