Mike,
I can see how this would prevent users from downloading the pointcast
program, but if it is already inside (and users cannot bring in a
floppy from home with it) it does nothing to stop pointcast programs
inside the network from going outside to get content.
Content comes from a number of places, most of them in *.pointcast.net,
but not entirely. A simpleminded WWW proxy could block access to URLs
with the string "FIDO" (all caps) embedded in it, as for some reason most all
pointcast content comes from URLs containing this string.
This is certainly a hack, but is an easy option while you identify
a better way to do it. I'm amidst putting together something a little
more punitive but elegant for hunting down and destroying hosts with
pointcast on the internal net, will post something once I get it set up.
Gregg Siegfried
grs @ claircom . com
>>
> > I am well versed on the security problems facing Pointcast implementation
> > (this list has been generous in discussing the issues of this technology).
> > Now I have a site where we want to explicitly block **all** Pointcast
> > traffic. (It's due to bandwidth problems, not security at the moment).
>
> I've done this for a couple of customers using FW-1. Just set up a rule
> of source: www.pointcast.com, destination: any, protocol: any, action: drop.
>
> That should do it.
>
> --
> Mike Jones
> Sr. Network Computing Advisor
> UNIFIED Technologies
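
The two heuristics from the message above (content hosts under *.pointcast.net, and URLs containing the all-caps string "FIDO"), applied to proxy logs to list internal clients still fetching content. This is an added example, not part of the original thread; the log layout, addresses, hosts and paths are constructed for illustration.

```python
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample lines in a simplified "client method url" layout
# (an assumption, not any real proxy's log format).
SAMPLE_LOG = """\
10.1.4.22 GET http://www.example.com/index.html
10.1.4.22 GET http://srv3.pointcast.net/FIDO-1/news/top.txt
10.1.7.9 GET http://content.example.org/FIDO-1/weather/map.gif
10.1.7.9 GET http://www.example.com/fido/dog.html
10.1.9.40 GET http://notpointcast.net/home.html
"""


def is_pointcast(url):
    """Apply the two heuristics from the thread to one URL."""
    host = (urlsplit(url).hostname or "").lower()
    # Match on a label boundary so "notpointcast.net" is not caught.
    in_domain = host == "pointcast.net" or host.endswith(".pointcast.net")
    # Case-sensitive on purpose: the message specifies "FIDO" in all caps.
    return in_domain or "FIDO" in url


def hosts_fetching_pointcast(log_text):
    """Return {client_ip: matching_request_count} for the given log text."""
    hits = Counter()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip blank or malformed lines
        client, _method, url = parts
        if is_pointcast(url):
            hits[client] += 1
    return dict(hits)


if __name__ == "__main__":
    for client, count in sorted(hosts_fetching_pointcast(SAMPLE_LOG).items()):
        print(f"{client}\t{count} matching request(s)")
```

The "FIDO" match also catches content served from hosts outside pointcast.net, which is the case the message points out a domain-only rule would miss.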