[BC] IT troubles

R A Meuser rameuser at ieee.org
Thu Jan 10 17:05:38 CST 2008 

RichardBJohnson at comcast.net wrote:

> The right of the people to be secure in their persons,
> houses, PAPERS, and EFFECTS, against unreasonable
> searches and seizures, shall not be violated, and no
> warrants shall issue, but upon probable cause,
> supported by oath or affirmation, and particularly
> describing the place to be searched, and the
>  persons or things to be seized.

Agreed that your house and person can not be searched without due 
process. This has nothing to do with the work place as far as the 
employer is concerned.


> Outbound traffic gets blocked because there is no route from
> my box to any outside box. Telnet 120.210.12.5, for instance
> will go nowhere. Every name-server lookup responds with an
> internal address, where a proxy spy machine checks to see if
> the outside connection is allowed. If it is allowed, that machine
> makes the only connection, not your machine, and all I/O
> is routed through that machine and is compressed and
> recorded. If it is not allowed, the spy machine writes the
> following message back to the connected host:
> 
>  Access denied to this web site
> To gain access to this web site:
> 1) Print out the Web Site Request Form & Instructions
> available on XXXXX's company portal Ananet (http://ananet/forms)
> under the Information Technology section.
> 
> 2) Fill in the web site address you are requesting access to
> and the justification for accessing this site. Sign and date this form.
> 
> 3) Review with your supervisor and have him or her sign and date this form.
> 
> 4) Either submit electronically by scanning the form, creating a
> .pdf file and sending the .pdf to wsac at xxxxx.com or manually submit
> it for review/approval to the Human Resources department.
> 
> That is the reason why I can't use 'ftp' or telnet to another machine
> on the Internet. I can only use a web-crawler.


You are describing a typical corporate LAN. If the company is public, 
SOX practically demands it. Let me summarize - Your out bound traffic is 
proxied as are many LANS including home LANS. We have the same thing. 
You have your own  server that restricts certain sites, so do we. It 
sounds like your LAN has a lot of ports blocked, including telnet and 
FTP, so do we for those who do not have a business need.  None of what 
you describe prevents you from having a secure connection through the 
firewall.

More information about the Broadcast mailing list