Quoting Rob Asher <rasher@xxxxxxxxxxxxxxxxxxx>:
blocking egress traffic for everything except known services(our own proxies) so anonymous proxies and vpn's won't be able to connect....UNLESS they can get to them through the proxies somehow. Things like PHProxy and all the anonymizing sites make it tougher. There's ways around anything I know but we adapt and keep plugging away.
but there still exists the possibility to connect to outside service sitting on for example 80 or 443 port (actually very easy achievable with average skills needed and working like a charm) and then what? the only thing which can help in that case is packet analysis (i assume)
J. ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
