[windows2000] Re: Porn Crazy Users!

• From: "Sullivan, Glenn" <GSullivan@xxxxxxxxxxxxxx>
• To: "'windows2000@xxxxxxxxxxxxx'" <windows2000@xxxxxxxxxxxxx>
• Date: Fri, 22 Aug 2003 13:20:19 -0400

I would concur... always have your clients point to internal DNS servers.

Glenn Sullivan, MCSE+I  MCDBA
David Clark Company Inc. 

-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx]
Sent: Friday, August 22, 2003 12:51 PM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: Porn Crazy Users!


The suggestion about two DNS servers is a good one - I think that might
work. The suggestion about setting the primary DNS to internal and the
secondary to external is not recommended by Microsoft. I don't have the
documentation to prove it handy, but I have seen it and have been told
the same thing by their support services. Microsoft wants all machines
to look at an internal DNS server which forwards out (or uses root
hints). Thanks for all the suggestions.

-----Original Message-----
From: SEspeseth@xxxxxxxx [mailto:SEspeseth@xxxxxxxx] 
Sent: Thursday, August 21, 2003 1:25 PM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: Porn Crazy Users!


The other possibility as someone already said was to add the
isp/external dns as a secondary dns only to people that need internet
access. Set your other users to the internal dns, and turn off
forwarding for the internal dns server. 

Or put the users on different subnets. Get creative with the sunbet
masking: example inet router ip=10.0.0.1/25 users with inet access have
ip 10.0.0.1-127/24 users without inet access have ip 10.0.0.129-254/24.
The users computers all will talk because they are on the same subnet,
but the router will not respond nicely to the users in the 10.0.0.128+
group because it thinks they ar not local. 

-----Original Message-----
From: Sullivan, Glenn [mailto:GSullivan@xxxxxxxxxxxxxx]
Sent: Thursday, August 21, 2003 1:34 PM
To: 'windows2000@xxxxxxxxxxxxx'
Subject: [windows2000] Re: Porn Crazy Users!


Ah... you want to be selective, by user?

Not for free, I fear.  At least not "Built in"...

How about this: 

Set up two DNS Servers.  Allow one to forward, and prevent the other one
from forwarding.  Point the "good" users at the forwarding DNS server,
and point the "Bad" users at the other DNS server.

Because you have at least two DNS servers, right? ;-)

HTH,

Glenn Sullivan, MCSE+I  MCDBA
David Clark Company Inc. 

-----Original Message-----
From: Durbin, Jeff [mailto:jdurbin@xxxxxxxxxxxxxxxxxxx]
Sent: Thursday, August 21, 2003 2:26 PM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: Porn Crazy Users!


  To answer your question, yes, I guess I could stop the internal DNS
servers from forwarding to outside servers, but that would stop
*everyone* from getting external DNS resolution. 

-----Original Message-----
From: Sullivan, Glenn [mailto:GSullivan@xxxxxxxxxxxxxx] 
Sent: Thursday, August 21, 2003 9:48 AM
To: 'windows2000@xxxxxxxxxxxxx'
Subject: [windows2000] Re: Porn Crazy Users!


Before the upgrade, you said that the admin was limiting use by limiting
DNS access.

Is that not possible now?  Or am I missing something... just stop your
DNS servers from relaying out to the internet.  Or create dummy zones on
your DNS server for the porn domains...

Glenn Sullivan, MCSE+I  MCDBA
David Clark Company Inc. 

-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx]
Sent: Thursday, August 21, 2003 12:14 PM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: Porn Crazy Users!


I realize there are products out there to resolve this problem. The
whole point of my orginal post was to see if there was a simple, free
solution I hadn't thought of. The Squid product is a possibility, but if
they end up wanting to spend money on something, we'll start looking at
the possibilities. Thanks.

-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx] 
Sent: Thursday, August 21, 2003 7:50 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: Porn Crazy Users!


The Web Blocker technology from Watchguard would be perfect for this
situation.  Is a solution like this completely out of the question for
you?

Greg

-----Original Message-----
From: Durbin, Jeff [mailto:jdurbin@xxxxxxxxxxxxxxxxxxx]
Sent: Thursday, August 21, 2003 10:47 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: Porn Crazy Users!


I've been hired to migrate the company to AD and Exchange 2000. Yes, I'm
working on a client's system. Yes, the employees are downloading porn.
I've been asked by the network administrator for advice on how to
eliminate the users-downloading-porn problem. I don't have the power to
fire anyone (nor does the network manager).
  However, I agree wholeheartedly with those that suggest
'administrative smackdown' (my personal favorite), and firing users. As
a consultant, I am frequently asked to use technology to solve problems
that Human Resources should be solving. I can't even begin to tell you
how I feel when I hear an admin say, "That's too difficult for my users
- they won't be able to handle that". I'd be quite happy if Darwinian
Natural Selection would weed these people out of the workplace (and the
gene pool, too, preferably). 

JD

-----Original Message-----
From: Charles R. Buchanan [mailto:crbgfblab@xxxxxxxxxxxxx] 
Sent: Wednesday, August 20, 2003 3:16 PM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: Porn Crazy Users!


So correct me if I'm wrong, you're working on a clients computer system,
correct?  So this company employees are downloading porn, right?  The
part I am missing is, the call you got from the owner/boss/whathave you
that he/she wishes to block the employee's from accessing porn. Or is
this to be assumed?  

The reason I ask is, people are assuming that you have this power to
fire people when it reads to me that you're just the computer repair
guy. <shrug> 



On Wed, 20 Aug 2003 11:16:28 -0700
Who would have thought, "Durbin, Jeff" <jdurbin@xxxxxxxxxxxxxxxxxxx>
would say this?:

DJ>  I just upgraded a customer's domain to AD, which, obviously,
DJ> requires internal DNS for name resolution. So, all the computers on 
DJ> the network point to an internal server for DNS, which, in turn, 
DJ> will forward unresolved requests to the ISP's DNS servers.
DJ>   The problem I have stems from the fact that the administrator of
DJ> the domain has been restricting Internet access by not allowing DNS 
DJ> resolution (i.e., no DNS servers specified on the workstations). Now

DJ> that DNS is a requirement, the users all get Internet access, and
DJ> they've gone crazy downloading porn. I realize that they are 
DJ> commercial products to control Internet access, but does anyone have

DJ> any cheap/easy idea for solving the problem?
DJ>  
DJ> Thanks,
DJ>  
DJ> JD


********************************************************
This Week's Sponsor - RTO Software / TScale
What's keeping you from getting more from your terminal servers? Did you
know, in most cases, CPU Utilization IS NOT the single biggest
constraint to scaling up?! Get this free white paper to understand the
real constraints & how to overcome them. SAVE MONEY by scaling-up rather
than buying more servers. http://www.rtosoft.com/Enter.asp?ID=148
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm
********************************************************
This Week's Sponsor - RTO Software / TScale
What's keeping you from getting more from your terminal servers? Did you
know, in most cases, CPU Utilization IS NOT the single biggest
constraint to scaling up?! Get this free white paper to understand the
real constraints & how to overcome them. SAVE MONEY by scaling-up rather
than buying more servers. http://www.rtosoft.com/Enter.asp?ID=148
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm
********************************************************
This Week's Sponsor - RTO Software / TScale
What's keeping you from getting more from your terminal servers? Did you
know, in most cases, CPU Utilization IS NOT the single biggest
constraint to scaling up?! Get this free white paper to understand the
real constraints & how to overcome them. SAVE MONEY by scaling-up rather
than buying more servers. http://www.rtosoft.com/Enter.asp?ID=148
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm
********************************************************
This Week's Sponsor - RTO Software / TScale
What's keeping you from getting more from your terminal servers? Did you
know, in most cases, CPU Utilization IS NOT the single biggest
constraint to scaling up?! Get this free white paper to understand the
real constraints & how to overcome them. SAVE MONEY by scaling-up rather
than buying more servers. http://www.rtosoft.com/Enter.asp?ID=148
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm
********************************************************
This Week's Sponsor - RTO Software / TScale
What's keeping you from getting more from your terminal servers? Did you
know, in most cases, CPU Utilization IS NOT the single biggest
constraint to scaling up?! Get this free white paper to understand the
real constraints & how to overcome them. SAVE MONEY by scaling-up rather
than buying more servers. http://www.rtosoft.com/Enter.asp?ID=148
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm
********************************************************
This Week's Sponsor - RTO Software / TScale
What's keeping you from getting more from your terminal servers? Did you
know, in most cases, CPU Utilization IS NOT the single biggest
constraint to scaling up?! Get this free white paper to understand the
real constraints & how to overcome them. SAVE MONEY by scaling-up rather
than buying more servers. http://www.rtosoft.com/Enter.asp?ID=148
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm
********************************************************
This Week's Sponsor - RTO Software / TScale
What's keeping you from getting more from your terminal servers? Did you
know, in most cases, CPU Utilization IS NOT the single biggest
constraint to scaling up?! Get this free white paper to understand the
real constraints & how to overcome them. SAVE MONEY by scaling-up rather
than buying more servers. http://www.rtosoft.com/Enter.asp?ID=148
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm
********************************************************
This Week's Sponsor - RTO Software / TScale
What's keeping you from getting more from your terminal servers? Did you
know, in most cases, CPU Utilization IS NOT the single biggest
constraint to scaling up?! Get this free white paper to understand the
real constraints & how to overcome them. SAVE MONEY by scaling-up rather
than buying more servers. http://www.rtosoft.com/Enter.asp?ID=148
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm
********************************************************
This Week's Sponsor - RTO Software / TScale
What's keeping you from getting more from your terminal servers? Did you
know, in most cases, CPU Utilization IS NOT the single biggest constraint to
scaling up?! Get this free white paper to understand the real constraints &
how to overcome them. SAVE MONEY by scaling-up rather than buying more
servers.
http://www.rtosoft.com/Enter.asp?ID=148
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm
********************************************************
This Week's Sponsor - RTO Software / TScale
What's keeping you from getting more from your terminal servers? Did you know, 
in most cases, CPU Utilization IS NOT the single biggest constraint to scaling 
up?! Get this free white paper to understand the real constraints & how to 
overcome them. SAVE MONEY by scaling-up rather than buying more servers.
http://www.rtosoft.com/Enter.asp?ID=148
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm

Other related posts:

• » [windows2000] Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!
• » [windows2000] Re: Porn Crazy Users!

1. Home
2. windows2000
3. Archive
4. 08-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---