Hi Amy, I only resort to "the tool" when they refuse to "play nice with the other kids". There's always one or two in the bunch that haven't moved beyond emotional adolescence, and these are the ones I usually swing on. Everyone gets many tries at absorbing facts and adjusting their own behavior; I have just have no tolerance for the "I have a right" mentality that usually forces a network admin to post questions like these. Case in point: Occasionally, a virus will make its way into the hallowed halls of Borgdominium (no; really - it's happened!) and our ever-vigilant network admins will start shutting down switch ports in an effort to contain the beast. Unfortunately, we have a greater-than-normal quantity of per-capita ego here. These folks of the monster-ego bent who find themselves cut off from the network will, instead of trying to clean up their machines, run a network cable to their neighbor's office. My favorite game in those times is "cut the cable" and I keep a pair of sharp lineman's scissors (t-phone guys know these little gems -they can cut pennies!) for just such an event. I just love hearing them scream about calling security because their "tap regeneration" was intentionally destroyed... Jim's Rules of User-Engagement: 1. ignorance is allowed once and only once. I'm more than happy (and available) to educate Joe (and Jane) user, but they have a communal responsibility to exercise 2. forgetting the ignorance cure is allowed once and only once. Everybody experiences cranial effluvium on occasion and forgiveness is next to godliness 3. "oh, yeh, huh?" earns Joe (or Jane) User an out-of consciousness experience If it sounds like I'm a total jerk, a$$, or any other uncomplimentary description, you're right, but only when it's obvious that userX is incapable of seeing past the end of their own nose. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "Amy Babinchak" <amy@xxxxxxxxxxxxxxxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Tuesday, April 06, 2004 12:59 Subject: [isalist] RE: Browser Hijackers http://www.ISAserver.org Wow Jim you're so hard on the users. Without computer users I don't have a job so they've got my respect so matter what predicaments they manage to get into. These days with so much business dependent on the Internet and much of it involving surfing for the best deal, managing the Internet through acceptable use policies and restricting destinations just isn't feasible in many situations. Where it is it does make sense to use that tool but it doesn't work for everyone and that's where cleaning tools become necessary. I've got clients in both situations and use both methods. But I tell my clients that while security is essential too much security can be pain in the butt for users; the trick is to find the line that you want to walk. Amy -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Tuesday, April 06, 2004 12:49 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Browser Hijackers http://www.ISAserver.org Actually, without the support of "those who make the rules", your ISA policies are so much floofy stuff. Get them to publish an "acceptable use policy" for the company and make the responses commensurate with the violation severity. Personally, I favor aluminum softball bats as a "user adjustment" tool; they make such a satisfying "bing" when they make skull contact. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "Ray Dzek" <rdzek@xxxxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Tuesday, April 06, 2004 09:34 Subject: [isalist] RE: Browser Hijackers http://www.ISAserver.org You say that (This is called content or web access control.) so casually. It's amazing. It just rolls off the tongue. If I had my way, and I usually do for this sort of thing which is why this is so frustrating, I would simply yank their access. But there are others that feel that I have been reading to much BOFH lately and that I may create a user jihad against I.S. Personally, I don't see the issue. If you abuse the privilege of the fairly open access that we provide, you loose that privilege. But this is a new era I guess where I could hurt somebody's feelings for pointing out that surfing for cell phone ring tones, wall papers, screen savers, games, or wherever they are surfing when they download every web bug known for a computer THAT IS NOT THEIRS was not a proper use of company resources. Ahhhh ... Thanks for letting me vent. I feel much better now. Now... Where is that "bigger hammer"? Ray Dzek Network Operations Supervisor Specialized Bicycle Components PH: 408-782-5420 FX: 408-782-5421 -----Original Message----- From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] Sent: Monday, April 05, 2004 5:16 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Browser Hijackers http://www.ISAserver.org This is called content or web access control. You need to look into controlling website access by users. John Tolmachoff Engineer/Consultant/Owner eServices For You > -----Original Message----- > From: Ray Dzek [mailto:rdzek@xxxxxxxxxxxxxxx] > Sent: Monday, April 05, 2004 3:13 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] Browser Hijackers > > http://www.ISAserver.org > > We are getting clobbered with browser hijackers lately. It is really > out of control. This is of course mainly due to stupid user tricks - > people going places they no reason being when using a corporate > computer. But that said, it is what it is. > > What security scanner for ISA protects against this type of threat? > Do the regular ISA AV plugins like GFI, etc. protect against these > attacks? > > > Thanks in advance. > > > Ray Dzek > Network Operations Supervisor > Specialized Bicycle Components > PH: 408-782-5420 > FX: 408-782-5421 ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: amy@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')