Internet Abuse

[Sprikit]

Hi, is there any way that we could specifically block a chat connection on the gateway server on a LAN?

To illustrrrate further this is the scenario in our office:

The workstations connects to the internet through the wingate server. I can block the ports that they are currently using on the wingate server. But after a short while I noticed that the program (yahoo messenger and any other chat progrrams)will reconnect automatically on another port. When I already block several ports that the chat program tries to connect to, I noticed that some of the users on another workstations that is only surfing the web will experience an Error in Opening some pages.

Is there a way to block only those types of program from connecting the internet through the wingate server? Or do I need to install a software on the server side to specifically block those chat programs?

Some of my officemates are already very abusive even during Office hours. Please help!!!

 

[C.Ingram]

The most effective ways to do this are higher level filtering and better security on the machines. Regarding the former, you will need firewall software that will inspect the contents of packets, and drop chat. The latter involves restricting user's rights on machines, and not allowing them to install software or access chat applications.

 

[The_Urge]

Are you the network admin?

 

[office politics]

FROM http://www.winguides.com/registry/display.php/969/

Restrict Users from Running Specific Applications (Windows 2000/Me/XP) Popular
This setting allows you to specify applications and filenames that users are restricted from running.

Open your registry and find the key [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion \Policies\Explorer]
Create a new DWORD value and name it "DisallowRun" set the value to "1" to enable application restrictions or "0" to allow all applications to run.

Then create a new sub-key called [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion \Policies\Explorer\DisallowRun] and define the applications the are to be restricted. Creating a new string value for each application, named as consecutive numbers, and setting the value to the filename to be restriced (e.g. "regedit.exe").

Restart Windows for the changes to take effect.

 

[Trotter]

Configure the firewall to not let the chat programs have access.

 

[Sprikit]

Are you the network admin?

Yes I am...

 

[The_Urge]

Yes I am...

Roger that. If the boss is on your ass about this the other posters have great ideas. I'n not sure what kind of router you have but a good one will let you restrict just about any type of service that you want to.

If this is just something that you want to do because you want to do a good job as the sys admin make sure that they are aware of the acceptable use policy. I know this sounds stupid but often you can get good results on this issue by not busting peoples balls. Make sure that they are aware that if it continues then you will restrict access People don't like being treated like children. I'm not suggesting that you become a spineless whimp or anything but you catch more flies with honey. Plus you will have less stuff to administer and can focus on more important issues.

I know that I gave you a very non-tech answer, but sometimes thats what people need.

Please let us know what you end up doing and how it works out.

 

[bigbmxdave]

or you could uninstall the chat programs and then block the sites by going to c:/windows/system32/drivers/etc/hosts
open the file in notepad and enter
"127.0.0.1 http://www.website.com"
and that should block the users from accessing that site.
This works for Windows Xp im not sure about other windows Distros