RE: Browser Hijackers

• From: "Jim Harrison" <jim@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 6 Apr 2004 13:21:56 -0700

Hi Amy,

I only resort to "the tool" when they refuse to "play nice with the other kids".
There's always one or two in the bunch that haven't moved beyond emotional 
adolescence, and these are the ones I usually swing on.
Everyone gets many tries at absorbing facts and adjusting their own behavior; I 
have just have no tolerance for the "I have a right" 
mentality that usually forces a network admin to post questions like these.

Case in point:
Occasionally, a virus will make its way into the hallowed halls of Borgdominium 
(no; really - it's happened!) and our ever-vigilant 
network admins will start shutting down switch ports in an effort to contain 
the beast.
Unfortunately, we have a greater-than-normal quantity of per-capita ego here.
These folks of the monster-ego bent who find themselves cut off from the 
network will, instead of trying to clean up their machines, 
run a network cable to their neighbor's office.
My favorite game in those times is "cut the cable" and I keep a pair of sharp 
lineman's scissors (t-phone guys know these little 
gems -they can cut pennies!) for just such an event.
I just love hearing them scream about calling security because their "tap 
regeneration" was intentionally destroyed...

Jim's Rules of User-Engagement:
1. ignorance is allowed once and only once.  I'm more than happy (and 
available) to educate Joe (and Jane) user, but they have a 
communal responsibility to exercise
2. forgetting the ignorance cure is allowed once and only once.  Everybody 
experiences cranial effluvium on occasion and forgiveness 
is next to godliness
3. "oh, yeh, huh?" earns Joe (or Jane) User an out-of consciousness experience

If it sounds like I'm a total jerk, a$$, or any other uncomplimentary 
description, you're right, but only when it's obvious that 
userX is incapable of seeing past the end of their own nose.

 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://www.microsoft.com/isaserver
 http://isaserver.org/Jim_Harrison
 http://isatools.org

 Read the help, books and articles!
----- Original Message ----- 
From: "Amy Babinchak" <amy@xxxxxxxxxxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, April 06, 2004 12:59
Subject: [isalist] RE: Browser Hijackers


http://www.ISAserver.org

Wow Jim you're so hard on the users. Without computer users I don't have
a job so they've got my respect so matter what predicaments they manage
to get into. These days with so much business dependent on the Internet
and much of it involving surfing for the best deal, managing the
Internet through acceptable use policies and restricting destinations
just isn't feasible in many situations. Where it is it does make sense
to use that tool but it doesn't work for everyone and that's where
cleaning tools become necessary. I've got clients in both situations and
use both methods. But I tell my clients that while security is essential
too much security can be pain in the butt for users; the trick is to
find the line that you want to walk.

Amy

-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Tuesday, April 06, 2004 12:49 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Browser Hijackers

http://www.ISAserver.org

Actually, without the support of "those who make the rules", your ISA
policies are so much floofy stuff.
Get them to publish an "acceptable use policy" for the company and make
the responses commensurate with the violation severity.

Personally, I favor aluminum softball bats as a "user adjustment" tool;
they make such a satisfying "bing" when they make skull
contact.

 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://www.microsoft.com/isaserver
 http://isaserver.org/Jim_Harrison
 http://isatools.org

 Read the help, books and articles!
----- Original Message ----- 
From: "Ray Dzek" <rdzek@xxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, April 06, 2004 09:34
Subject: [isalist] RE: Browser Hijackers


http://www.ISAserver.org

You say that (This is called content or web access control.) so
casually.  It's amazing.  It just rolls off the tongue.

If I had my way, and I usually do for this sort of thing which is why
this is so frustrating, I would simply yank their access.  But there are
others that feel that I have been reading to much BOFH lately and that I
may create a user jihad against I.S.  Personally, I don't see the issue.
If you abuse the privilege of the fairly open access that we provide,
you loose that privilege.  But this is a new era I guess where I could
hurt somebody's feelings for pointing out that surfing for cell phone
ring tones, wall papers, screen savers, games, or wherever they are
surfing when they download every web bug known for a computer THAT IS
NOT THEIRS was not a proper use of company resources.

Ahhhh ... Thanks for letting me vent.  I feel much better now.

Now... Where is that "bigger hammer"?

Ray Dzek
Network Operations Supervisor
Specialized Bicycle Components
PH:  408-782-5420
FX:  408-782-5421

-----Original Message-----
From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
Sent: Monday, April 05, 2004 5:16 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Browser Hijackers


http://www.ISAserver.org

This is called content or web access control.

You need to look into controlling website access by users.

John Tolmachoff
Engineer/Consultant/Owner
eServices For You


> -----Original Message-----
> From: Ray Dzek [mailto:rdzek@xxxxxxxxxxxxxxx]
> Sent: Monday, April 05, 2004 3:13 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Browser Hijackers
>
> http://www.ISAserver.org
>
> We are getting clobbered with browser hijackers lately.  It is really
> out of control.  This is of course mainly due to stupid user tricks -
> people going places they no reason being when using a corporate
> computer.  But that said, it is what it is.
>
> What security scanner for ISA protects against this type of threat?
> Do the regular ISA AV plugins like GFI, etc. protect against these
> attacks?
>
>
> Thanks in advance.
>
>
> Ray Dzek
> Network Operations Supervisor
> Specialized Bicycle Components
> PH:  408-782-5420
> FX:  408-782-5421


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to
$subst('Email.Unsub')



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » Browser Hijackers
• » RE: Browser Hijackers
• » RE: Browser Hijackers
• » RE: Browser Hijackers
• » RE: Browser Hijackers
• » RE: Browser Hijackers
• » RE: Browser Hijackers
• » RE: Browser Hijackers
• » RE: Browser Hijackers
• » RE: Browser Hijackers
• » RE: Browser Hijackers
• » RE: Browser Hijackers
• » RE: Browser Hijackers
• » RE: Browser Hijackers
• » RE: Browser Hijackers

1. Home
2. isalist
3. Archive
4. 04-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---