• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

lost in darkness , need some light .. O ! wise moderators :P

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 General] >> General >> lost in darkness , need some light .. O ! wise moderators :P Page: [1]
Login
Message << Older Topic   Newer Topic >>
lost in darkness , need some light .. O ! wise moderato... - 14.Feb.2007 3:59:22 PM   
kwak

 

Posts: 1
Joined: 14.Feb.2007
Status: offline
Good Afternoon fellow mates & Moderators ,
             I just wanted to know if there is any way possible that you can bypass isa server 2000 without showing on isa sever or in its logs . Im running a cable network of about 120 users on local area network and the issue I faced was that a user who is far much experienced in networking somehow managed to do this so I couldnt even detect it on my windows server 2003 based machine running ISA server 2000 with GFI webmonitor . I checked the logs constantly while monitoring on GFI webmonitor and isa but I couldnt find his IP . He was really consuming a huge amount of bandwidth .
             I have assigned users with the ip series 192.168.1.xx . I asked another friend of mine that that could this be possible ? He replied that there are ip hiding softwares such as 'anonymizer' and 'iphideplatinum' , etc. which masks / conceals ip addresses .
                 So , coming to the point .. can you tell me what software / trick he is using and is there anyway to defend against this ??
                                                   Thanking you  ,
                                                         A desperate amateur network administrator
                                                                                  ( DANA) 
Post #: 1
RE: lost in darkness , need some light .. O ! wise mode... - 20.Feb.2007 11:39:26 AM   
nicks

 

Posts: 47
Joined: 17.Sep.2002
Status: offline
Hi,

One way to disallow this is to have all users authenticate with ISA server when accessing the web. You would need to configure the browsers for your users so that it is using your ISA server as the proxy server. Apart from that, the users will have to authenticate with ISA server when accessing the web. This will allow both ISA server and GFI WebMonitor to show you the usernames of the users accessing the web.

This is more difficult for the users to fake.

Another thing that would help would be to install the Firewall client on the users' machine.

_____________________________

Nicholas Sciberras
GFI Software - http://www.gfi.com
Messaging, Content Security & Network Security Software

(in reply to kwak)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 General] >> General >> lost in darkness , need some light .. O ! wise moderators :P Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts