Re: [squid-users] Skype block

From: Jorge Armando Medina <jmedina_at_e-compugraf.com>
Date: Tue, 22 Jun 2010 15:01:03 -0500

Riccardo Castellani wrote:
> I'm reading about method to block users for using Skype, can you
> confirm unique way is to deny access directly to all IP address when
> method 'connect' (SSL) is used ?
That is the preferred way, you should never allow a HTTPS connection for
a unknown site.
> In this way people cannot access directly to specific site using IP
> instead FQDN !
Only to those HTTPs connection to sites using ip address instead of the
cannonical name on the x509 certificate which is the recommended way.

> Can I restrict Skype access in another way to avoid this behaviour ?
Yes, apply a enterprise policy for software usage :)
>
>
>
>
>

-- 
Jorge Armando Medina
Computaci�n Gr�fica de M�xico
Web: http://www.e-compugraf.com
Tel: 55 51 40 72, Ext: 124
Email: jmedina_at_e-compugraf.com
GPG Key: 1024D/28E40632 2007-07-26
GPG Fingerprint: 59E2 0C7C F128 B550 B3A6  D3AF C574 8422 28E4 0632
Received on Tue Jun 22 2010 - 20:01:08 MDT

This archive was generated by hypermail 2.2.0 : Wed Jun 23 2010 - 12:00:04 MDT