• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Discussion about article on Dangers of SSL tunneling

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> General >> Discussion about article on Dangers of SSL tunneling Page: [1]
Login
Message << Older Topic   Newer Topic >>
Discussion about article on Dangers of SSL tunneling - 7.Nov.2004 4:55:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
This thread is for discussing the article on the dangers of SSL tunneling over at http://isaserver.org/articles/2004isassl.html

HTH,
Tom

[ November 07, 2004, 05:07 PM: Message edited by: tshinder ]
Post #: 1
RE: Discussion about article on Dangers of SSL tunneling - 7.Nov.2004 5:02:00 PM   
Ara.A

 

Posts: 259
Joined: 21.Oct.2004
Status: offline
where is it? [Confused] Or maybe I am too early [Big Grin]

(in reply to tshinder)
Post #: 2
RE: Discussion about article on Dangers of SSL tunneling - 7.Nov.2004 5:07:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Ara,

You're too quick! Its here now [Smile]

Thanks!
Tom

(in reply to tshinder)
Post #: 3
RE: Discussion about article on Dangers of SSL tunneling - 7.Nov.2004 5:11:00 PM   
Ara.A

 

Posts: 259
Joined: 21.Oct.2004
Status: offline
Hello tom,
If the policy for a company is only allowed http and ftp (not https) to internet, should they be worried about ssl from inside? Or I am missing a key point here
[Confused]

[ November 07, 2004, 05:27 PM: Message edited by: Ara ]

(in reply to tshinder)
Post #: 4
RE: Discussion about article on Dangers of SSL tunneling - 7.Nov.2004 6:43:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Ara,

HTTP isn't SSL, so you're safe, but you will need to configure the HTTP Security Filter to filter out the tunneled applications.

HTH,
Tom

(in reply to tshinder)
Post #: 5
RE: Discussion about article on Dangers of SSL tunneling - 7.Nov.2004 7:25:00 PM   
Ara.A

 

Posts: 259
Joined: 21.Oct.2004
Status: offline
I have done this step
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/commonapplicationsignatures.mspx
[Confused]

(in reply to tshinder)
Post #: 6
RE: Discussion about article on Dangers of SSL tunneling - 7.Nov.2004 7:33:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Ara,

That's a good start!

Tom

(in reply to tshinder)
Post #: 7
RE: Discussion about article on Dangers of SSL tunneling - 7.Nov.2004 7:47:00 PM   
Ara.A

 

Posts: 259
Joined: 21.Oct.2004
Status: offline
1. I have only published http and ftp access from inside, no https, so they canĘt login to web based mail accounts
2. application signatures are being used to block possible trouble users getting around default rules by using proxy
3. I have clicked the box on http rule that says block suspicious windows code
4. I have removed any not needed category from http definition like music, video and programs
5. GFI download security is installed
6. last default rule, LOL , if you violate the rules, you are fired [Big Grin]

Do you think this is a proper safe setting?

(in reply to tshinder)
Post #: 8

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> General >> Discussion about article on Dangers of SSL tunneling Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts