THE OFFICIAL BLOG OF THE SBS "DIVA"

A commenter [I'm too lazy to go link it up as I was in the office at 6 ungodly am this morning to ensure that a Tax Webcast training seminar was working properly and right now I'm blogging as the Earl Grey tea attempts to clear the grogginess from my brain matter], was wanting to open up RWW for all employees but wanted to track/log/audit it.  And I got to thinking how I do it here.. or I should say...how I've started to be able to keep a real close eye on it here.

There isn't [as far as this sleep deprived brain can remember] a RWW log in database.....but.... the beta that I'm on with the Scorpion Firewall is giving me the tracking that keeps the paranoid me happy.  In the firewall dashboard new beta, Dana tracks connections...and guess what...443 and 4125 are just that...connections.. and every morning [since I set the dashboard email report up to hit my inbox at 6 a.mish like my other emails] I look and see just who connected in on port 443 and in particular 4125.  90% of the time the IP address I see that come in from is me at home [yeah it's pretty sad when you recognize your own IP].  But that 4125 port ... I should only see the connections I expect on that one.  Every now and then I see a 443 connection from Korea or Guatemala and I've been building up a 'block connection list'.  In fact I should take the time and dig up a really good 'this are typically bad IP addresses' list or just break down and get one of those ISA add in thingymajiggers [you expect me to coherently remember a vendor's name at this hour of the morning?] that do the work for you.

In the meantime, if anyone is more awake than I am.... comments about ISA add ons that you use and like would be appreciated so my brain doesn't have to wake up.