Re: OT: One for the computer gurus

[Keith Willoughby]

"Richard Goodman" <[email protected]> writes:

> Ok, sorry for this but I know there are a few of you out there:
> Assuming a router that can be suitably configured, and that there is
> an almost limitless number of 'good' sites, most of which you will not
> know in advance that you want to allow network users access to. and
> with no consistent identifying factor between them, and an equally
> limitless number of bad ones you want to deny, how do you do it?

a) explicit whitelisting, b) explicit blacklisting, or c)
heuristics. These are, respectively, a) a massive admin headache, b) a
massive waste of time, and c) both a massive admin headache and a
massive waste of time (given that it combines the worst parts of a and
b - false positives and false negatives)

Your best bet is educating the users on which sites are acceptable to be
accessed. There are no technological solutions to social problems, and
all that.

--
Keith Willoughby http://flat222.org/keith/
"After my experience, I have come to hate war. War settles nothing."
- Dwight D. Eisenhower

 

[Just zis Guy, you know?]

On Sun, 24 Apr 2005 13:22:30 +0100, Keith Willoughby
<[email protected]> wrote in message
<[email protected]>:

>Your best bet is educating the users on which sites are acceptable to be
>accessed. There are no technological solutions to social problems, and
>all that.

Agreed. Still and all, we have a net nanny type thing on the kids'
PC, because it's a quick and easy 90% solution.


Guy
--
http://www.chapmancentral.co.uk

"To every complex problem there is a solution which is
simple, neat and wrong" - HL Mencken

 

[Ian Smith]

On Sun, 24 Apr 2005 13:22:30 +0100, Keith Willoughby <[email protected]> wrote:
> "Richard Goodman" <[email protected]> writes:
>
> > Ok, sorry for this but I know there are a few of you out there:
> > Assuming a router that can be suitably configured, and that there is
> > an almost limitless number of 'good' sites, most of which you will not
> > know in advance that you want to allow network users access to. and
> > with no consistent identifying factor between them, and an equally
> > limitless number of bad ones you want to deny, how do you do it?
>
> Your best bet is educating the users on which sites are acceptable to be
> accessed. There are no technological solutions to social problems, and
> all that.


Which is what I have done at work. Defined acceptable use policy
everyone signs, and a threat of something-or-other for violations.
So far (several years) we've only found one violation, and that some
time after a user had left teh employ of teh company.

I heard once of an IT department at a large firm of lawyers. They
decided they needed an explicit AUP. Policy eventually agreed,
circulated in duplicate to all users, users to sign one and return
signed copy to go on file. Result: 200 signed copies of AUP returned,
every one of which was differently amended, annotated, had certain
terms crossed out, etc. (probably urban myth).

regards, Ian SMith

 

[bugbear]

Ian Smith wrote:
> On Sun, 24 Apr 2005 13:22:30 +0100, Keith Willoughby <[email protected]> wrote:
>
>> "Richard Goodman" <[email protected]> writes:
>>
>>
>>>Ok, sorry for this but I know there are a few of you out there:
>>>Assuming a router that can be suitably configured, and that there is
>>>an almost limitless number of 'good' sites, most of which you will not
>>>know in advance that you want to allow network users access to. and
>>>with no consistent identifying factor between them, and an equally
>>>limitless number of bad ones you want to deny, how do you do it?
>>
>> Your best bet is educating the users on which sites are acceptable to be
>> accessed. There are no technological solutions to social problems, and
>> all that.
>
>
>
> Which is what I have done at work. Defined acceptable use policy
> everyone signs, and a threat of something-or-other for violations.
> So far (several years) we've only found one violation, and that some
> time after a user had left teh employ of teh company.

What he said.

BugBear