> I'm reading about method to block users for using Skype, can you
> confirm unique way is to deny access directly to all IP address when
> method 'connect' (SSL) is used ?
>>That is the preferred way, you should never allow a HTTPS connection for
>>a unknown site.
Example given, in my company I have http-server on dmz, where some
application access to it by IP address;
I'm sure it's known site because it's mine.
> In this way people cannot access directly to specific site using IP
> instead FQDN !
>>Only to those HTTPs connection to sites using ip address instead of the
>>cannonical name on the x509 certificate which is the recommended way.
I don't understand, but you confirm I can access sites ONLY by FQDN
> Can I restrict Skype access in another way to avoid this behaviour ?
>>Yes, apply a enterprise policy for software usage :)
;)
-- Jorge Armando Medina Computación Gráfica de México Web: http://www.e-compugraf.com Tel: 55 51 40 72, Ext: 124 Email: jmedina_at_e-compugraf.com GPG Key: 1024D/28E40632 2007-07-26 GPG Fingerprint: 59E2 0C7C F128 B550 B3A6 D3AF C574 8422 28E4 0632Received on Tue Jun 22 2010 - 20:10:56 MDT
This archive was generated by hypermail 2.2.0 : Wed Jun 23 2010 - 12:00:04 MDT