Kick their butts off the network.....if the boss won't support you QUIT!! Sounds like a bunch off loose cannons at your office. You might want to try a real firewall instead of a proxy server? Another option would be to put http on port 81 or some other port their software won't work on.
How locked down are these pc's? Don't you have the ability to block or lock down? I have one user that thinks he's an expert because he works part time at Best Buy and I had to lock his pc down so he can't do anything without permission. It sounds like you have more then one and I agree with Rockn but maybe tell the boss ahead of time so he knows when the flack starts coming in.
I love that littlemar....LOL
The Best Buy PC guru....too funny
She is correct tho, you can pretty much sut down their ability to install software and make any network changes, administering it does get to be a headache at time tho.
This is in a College environment. The users have thier own computers... (and stay up late, trying to hack me)
We have Novell BorderManager which is a pretty heavy duty firewall - I'm able to deny all packets and permit specific exceptions, log everything, create access rules...
The problem is, even if I deny everything and only allow proxy traffic, the users can still tunnel their stuff through.
AND to make matter worse, peer to peer traffic shows up a almost completely different IPs each time, so there's no way to block a certain range of IPs or something like that.
Looks like you're going to have to sit back and wait for them to royally screw up your system before the "big" guys decide that you need more security and control. Just make sure you keep a record of all the fixes and time it took. Got to cover your a** too.
The students should be allowed to do what they want at home not at school. Ok, I'll get off the soapbox again. (for a while)
Sounds like the hackers need to be hacked. What do you have for monitoring software? Seems you could easily isolate the traffic to a segment on the network. What are they using the tuneling for...games...FTP....?? What about changing the port # for http? That's what qwest did rececntly to thwart the Code Red virus on Cisco DSL routers.
If you had some software like Sniffer Pro from Network associates you could see per IP address where the majority of the traffic is coming from. Are any of your network switches managed? If they are they can be monitored very easily...most newer equipment can be monitored for bandwith etc. There are some really awesome monitoring tools out ther if the school wants to dole out the cash.
Here's a list of server IP's that most peer to peer connect to to authorize passwords or what not, along with possible ways to block them. http://oofle.com/FileSharing/index.htm
*humming to self happily while locking little hoodlums out*
Status
Not open for further replies.
You have insufficient privileges to reply here.
Related Threads
?
?
?
?
?
Tech Support Guy
9.9M posts
860K members
Since 1998
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!