in reply to Re^2: Consideration for obscenity
in thread Consideration for obscenity

Hmmm.. that reminds me of an incident in my own career that I often trot out surrounding this subject.

Working for a CLEC that got bought out by a "Major Multinational Telecommunications Company" we (the keepers of the internet gateway) were instructed to install a proxy server such that all web browsing was redirected from the firwall to this proxy appliance where sites were either allowed or blocked via this wonderful appliance using some sort of "heuristic content filtering" to determine if a web site fit within the corporate guidelines for suitable web sites.

After spending much time working with our Checkpoint firewall to take all port 80 traffic going outbound, redirect it to port 9090 on the appliance and then reverse all of that on the way in to the appropriate web browser (many tech support calls later) we got the stupid thing working and the corporate REMFs were happy. All the while I was working on this project I used many words that I'm sure the "heuristic content filters " would have banned calling into question everything from the probable ancestory of the people who came up with this plan and the stupidity of using technology to enforce management policies to their morning diet.

Since they wouldn't give us administrative rights on this wonderful box, we weren't able to prevent what happened next.

The American Cancer Society, about two weeks after we installed the appliance and got in running, had a week long focus on women's health and in particular breast cancer (hmm... wonder if this will get blocked by someone's corporate web proxy??) and many of the ladies that worked where I worked tried to go out and look at the website only to find they got our page that stated in ominous tones that they had violated the corporate policies on web use.

This generated quite a stir. And when an executive vice president (yes... female) got that page, she went ballistic. She came marching down to my office breathing fire and wanted to know in terms that I'm sure would have been blocked by the proxy and most unlady-like why this page was being blocked.

I keep my feathers numbered for just such emergencies

I explained to this rather irate EVP about the proxy, the directive from corporate, etc. etc. She thought about it for a while, and then said "pull the plug on that thing!" "If you need it in writing to CYA then I'll provide that too, but pull the plug!"

Did I mention that I keep my feathers numbered for such emergencies?

After restoring the Checkpoint configuration that existed prior to the installation of the proxy (making a backup of the one that worked with the proxy just in case) the ladies were able to go to the ACS site without being told by a rather obnoxious web page that they were subject to immediate dismissal for violating corporate web use policies.

Such is the life of a SysAdmin.


Peter L. Berghold -- Unix Professional
Peter -at- Berghold -dot- Net; AOL IM redcowdawg Yahoo IM: blue_cowdawg