I'm reading about method to block users for using Skype, can you
confirm unique way is to deny access directly to all IP address when
method 'connect' (SSL) is used ?
That is the preferred way, you should never allow a HTTPS connection for
a unknown site.
Example given, in my company I have http-server on dmz, where some
application access to it by IP address;
I'm sure it's known site because it's mine.
In this way people cannot access directly to specific site using IP
instead FQDN !
Only to those HTTPs connection to sites using ip address instead of the
cannonical name on the x509 certificate which is the recommended way.
I don't understand, but you confirm I can access sites ONLY by FQDN
Can I restrict Skype access in another way to avoid this behaviour ?
Yes, apply a enterprise policy for software usage :)
;)
--
Jorge Armando Medina
Computación Gráfica de México
Web: http://www.e-compugraf.com
Tel: 55 51 40 72, Ext: 124
Email: jmedina@xxxxxxxxxxxxxxx
GPG Key: 1024D/28E40632 2007-07-26
GPG Fingerprint: 59E2 0C7C F128 B550 B3A6 D3AF C574 8422 28E4 0632
