• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Block specific files?

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> HTTP Filtering >> Block specific files? Page: [1]
Login
Message << Older Topic   Newer Topic >>
Block specific files? - 2.Dec.2004 9:59:00 PM   
Christ5340

 

Posts: 7
Joined: 1.Jun.2003
Status: offline
Is it possible to block specific files, see below, using a filter in ISA Server 2004?

WinAd by TwistedHumor Winad.exe, WinAdTools.exe Winclt.exe, WinAd.DLL
WinTools WTOOLSA.EXE, WTOOLSB.DLL, WTOOLSS.DLL
New.net NEWDOTNET.DLL
WebRebates WEBREBATES0.exe
MyWebSearch.com Hijacker MYBAR/MYWAY.DLL, MWSSRCAS.DLL, MWSOEMON.DLL
PowerREGISTER POWERREG SCHEDULER.EXE
Tioga / Support.com TGCmd.exe
XUpiterSpyware - OrbitExplorer toolbar.dll
Addictive Technologies ATPARTNERS.DLL
WhenU.com VVSN.exe / Save.exe
Gator / Claria CMESYS.exe, GMT.exe, GAIN_Tickler*.exe
ISTbar ISTSVC.EXE
180Solutions MSBB.EXE
Post #: 1
RE: Block specific files? - 3.Dec.2004 11:57:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Chris,

Yes.

HTH,
Tom

(in reply to Christ5340)
Post #: 2
RE: Block specific files? - 3.Dec.2004 11:48:00 PM   
Christ5340

 

Posts: 7
Joined: 1.Jun.2003
Status: offline
Great, How do I setup that filter? Note: I am talking about blocking from coming into the network in every possible way, mainly thru HTTP when the spyware tries to sneak in, not really SMTP.

[ December 03, 2004, 11:52 PM: Message edited by: Christ5340 ]

(in reply to Christ5340)
Post #: 3
RE: Block specific files? - 13.Jan.2005 7:10:00 AM   
dinodod

 

Posts: 100
Joined: 1.Oct.2004
Status: offline
Create a new rule
Go into the properties and under Content Types, click on the types you want to block. If you are going to edit the extentions, 1st copy them into a new content type and edit that content type. Unless you need to, be sure to remove .js extension or just about every page will have an error. Add the groups that you want it to apply to and apply the changes.

I'm not sure if you can add the actual file name in here or just the TYPE of files. It would be a lot easier to filter out all executable content to all users and create another rule that allows downloads from specific sites or you will need to keep your eyes on the logs daily to see what they are d/ling.

(in reply to Christ5340)
Post #: 4
RE: Block specific files? - 13.Jan.2005 11:31:00 AM   
zzz343

 

Posts: 764
Joined: 19.Feb.2002
From: World's 7th Nuclear Power
Status: offline
In ISA2000 , we are blocking such applications via FIREWALL CLINT APPLICATION method & its blocking fine [Big Grin]

(in reply to Christ5340)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> HTTP Filtering >> Block specific files? Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts