Access restricted sites with HTTP tunneling (Full Version)

All Forums >> [ISA Server 2004 Firewall] >> HTTP Filtering



Message


royh -> Access restricted sites with HTTP tunneling (7.Sep.2007 8:02:27 PM)

Hi everybody,

This thread is to discuss various ways malicious surfers can use to access restricted sites; thus bypassing firewall rules and policies and how to use the HTTP filter to stop such behavior.

Thanks




ianfermo -> RE: Access restricted sites with HTTP tunneling (8.Sep.2007 9:13:20 AM)

Hi,

Create a Whitelist for HTTPS protocol and even skype can't pass thru although this will mean bugging from users why is it, their HTTPS site is not accessible.

Cheers...




ITEngineer -> RE: Access restricted sites with HTTP tunneling (8.Sep.2007 1:09:16 PM)

quote:

ORIGINAL: ianfermo

Hi,

Create a Whitelist for HTTPS protocol and even skype can't pass thru although this will mean bugging from users why is it, their HTTPS site is not accessible.

Cheers...


How do u create this whitelist ? Domain Name Set ? URL Set ?

and what is the format ? i mean *.domainname.com ? how ?




royh -> RE: Access restricted sites with HTTP tunneling (9.Sep.2007 9:29:40 AM)

What if they are tunneling their traffic inside http?




ianfermo -> RE: Access restricted sites with HTTP tunneling (9.Sep.2007 6:47:28 PM)

Hi,

Try to read this link and read HTTP Policy and SSL Connections http://www.microsoft.com/technet/isa/2004/plan/httpfiltering.mspx. For this reason thats why we create a lease priveledge for HTTPS.

Destination = yahoo.com

Rule Allow HTTPS Internal to Destination

Cheers...




elmajdal -> RE: Access restricted sites with HTTP tunneling (11.Sep.2007 6:11:05 PM)

Hi Guys,

GFI WM4 provides WebGrade feature, a human reviewed Database that contains more than 84 categories.

File Sharing, Web IM , Anony Proxy are categories that are included in this Database.

HTH,
Tarek




royh -> RE: Access restricted sites with HTTP tunneling (11.Sep.2007 7:17:15 PM)

Hi,

Is there any article, explaining in depth the http tunneling process and how to stop it using the http filter in ISA 2006?

Thanks...




lsjames -> RE: Access restricted sites with HTTP tunneling (1.Oct.2007 8:57:51 PM)

Active Wall provides the filtering of http tunnel. http://www.lanctrl.com

[image]http://en.lanctrl.com/awall/images/httpetc.gif[/image]




royh -> RE: Access restricted sites with HTTP tunneling (13.Oct.2007 12:23:53 PM)

Thanks

Will try it and revert to you with my feedback




royh -> RE: Access restricted sites with HTTP tunneling (16.Oct.2007 6:24:50 PM)

Hi,

Tunneling applications are still connecting....




Page: [1]