[OT] Getting out from behind a corporate firewall

Tyler Aviss tjaviss-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Mon May 10 15:39:56 UTC 2010


On Mon, May 10, 2010 at 8:26 AM, John Sellens
<jsellens-Iv5KO+h6AVB+Y12zHexnB0EOCMrvLtNR at public.gmane.org> wrote:
> | In June I start work on a ten month project for a company that makes
> | network equipment for ISPs.
> |
> | I expect that they have a very tight firewall and web proxy.
> |
> | I want to be able to get out from it, of course.
>
> Instead of publically planning to circumvent company policy before
> you even start, perhaps you might be better off if you ask your new
> employer about network policies.
>
> Be a shame to get in trouble before you even start work ...
>
> John
>
> P.S. cough, ssh, cough
> --
> The Toronto Linux Users Group.      Meetings: http://gtalug.org/
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
>


Not only that, but now there's a nice post on the internet that will
be archived for years into the future describing your intent to
circumvent company security. It might seem like a light thing now, but
for a potential employer looking you up online, it's possibly going to
look like you're a loose cannon or security liability, especially
since you haven't tried normal channels or confirmed that your
upcoming employer does indeed have a draconian security policy. Most
places I know aren't *that* bad. They filter known bad sites, log some
others, and restrict SSL on non-authorized domains (but email
providers often get a pass).

As one of the "IT enforcers," I'd have to say that a smile and
friendly request go a long way. We've had bad luck with people
randomly flaunting the rules, but tend to play a lot nicer when we
know what's going on. If something goes weird, your machine will be on
the radar to be checked for odd traffic, etc. But if  you go it on
your own, and they then find you have a virus + have circumvented
security.... bad news.

Heck, we've even gone out of the way to create special firewall rules
and exemptions for things like people who listen to "CBC radio 2" (for
which the flash applet completely ignores proxy settings and tries to
direct-connect).


-- 
Tyler Aviss
Systems Support
LPIC/LPIC-2/CLA

“Even enemies will help each other if they are together on a boat that
is in trouble. ” – Sun Tzu
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list