Ray Percival wrote: > We do. IMHO not enough places do and more should. Well not port only 80 but I > think there should be more places that restrict access out.
I haven't found that doing that helps much, depending on what you're trying to do. A better solution might be to put in some kind of http proxy that doesn't accept CONNECT requests, then you can block stuff that still works (like IM) at the proxy. That said, I haven't come across many companies that block web requests to odd ports. Most seem to be more interested in logging web requests and blocking access to content that could cause a lawsuit.
