• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

block download from web forums

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> HTTP Filtering >> block download from web forums Page: [1]
Login
Message << Older Topic   Newer Topic >>
block download from web forums - 4.Dec.2005 10:33:11 AM   
alfarhoud

 

Posts: 10
Joined: 4.Dec.2005
Status: offline
Hi people this Is my first post
 
I installed MS ISA 2004 on my network for testing before I go production with it and I configured the policies of the http web filter to block downloadable files such as .exe .zip .rar …….etc….etc and when I test it worked like a dream  up until I tried to test the download on a VBulletin forum and it did download from it.
 
My question is how can I block the downloads from forums????
Post #: 1
RE: block download from web forums - 7.Dec.2005 9:12:05 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Alfar,

What is the URL that allowed the download?

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to alfarhoud)
Post #: 2
RE: block download from web forums - 7.Dec.2005 9:41:36 PM   
Guest
right click your rule > configure Http

under the Extensions Tab add what even extension u want to block.

(in reply to alfarhoud)
  Post #: 3
RE: block download from web forums - 7.Dec.2005 10:43:33 PM   
alfarhoud

 

Posts: 10
Joined: 4.Dec.2005
Status: offline
hi Tom

this is the url for the forum

www.al-hatif.com/vb

humm the site is in arabic so let me give you a direct link for a downloadable file

http://al-hatif.com/vb/showthread.php?t=190

and majdal
 
i did that and its working for normal site the idea is to block it for forums

(in reply to Guest)
Post #: 4
RE: block download from web forums - 8.Dec.2005 2:12:12 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Alfar,

I'm not sure where to clck. When I clck on something that looks like a .zip icon, it takes me to another page which looks like a log on page.

Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to alfarhoud)
Post #: 5
RE: block download from web forums - 17.Dec.2005 2:33:24 PM   
alfarhoud

 

Posts: 10
Joined: 4.Dec.2005
Status: offline
ohh yes tom you need to log in to download

i made an account for you to use log/pass: tom/tom 

go to the link and see what you can do

Yours Alfarhoud

(in reply to tshinder)
Post #: 6
RE: block download from web forums - 17.Dec.2005 3:16:10 PM   
elmajdal

 

Posts: 6022
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline
man , i logged in and tried the download  with what i said to u before , i was blocked to download the zip files.

check ur isa rules , maybe u have another rule that is bypassing ur users.

(in reply to alfarhoud)
Post #: 7
RE: block download from web forums - 17.Dec.2005 4:16:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hey guys,

Here is my log file result:

Original Client IP Authenticated Client Service Server Name Referring Server Destination Host Name MIME Type Object Source Source Proxy Destination Proxy Bidirectional Client Host Name Network Interface Raw IP Header Raw Payload Source Port Processing Time Bytes Sent Bytes Received Cache Information Log Time Client IP Destination IP Transport Destination Port Protocol Action Rule Client Username URL Source Network Destination Network HTTP Method Filter Information Error Information Result Code Log Record Type Client Agent HTTP Status Code
0.0.0.0 Yes Proxy CELESTIX-H5L4CS  al-hatif.com application/zip Internet - -  - - - - 0 721 77132 636 0x1a00000 12/17/2005 9:14:45 AM 192.168.1.70 66.116.229.37 TCP 80 http Allowed Connection All Open Users CELESTIX-H5L4CS\tshinder http://al-hatif.com/vb/attachment.php?attachmentid=487&d=1122412545 Internal External GET  0x480  Web Proxy Filter Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; InfoPath.1; .NET CLR 2.0.50727) 200

Notice that the MIME type does indicate that a zip file is being downloaded, but the file extension is not included in the request, so you need to block the MIME type in addition to the file extension using Content Groups.

HTH,
Tom


_____________________________

Thomas W Shinder, M.D.

(in reply to elmajdal)
Post #: 8

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> HTTP Filtering >> block download from web forums Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts