Welcome to ISAserver.org

RE: User Access Check tool

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA 2006 Misc.] >> ISA Firewall Tools >> RE: User Access Check tool

Page: << < prev 1 [2]

Message

<< Older Topic Newer Topic >>

RE: User Access Check tool - 4.May2008 6:54:56 AM

ITEngineer

Posts: 256
Joined: 3.Feb.2006
Status: offline

quote:

ORIGINAL: fixitchris

Of course I can develop more software.
Did you check out my MalwareDomains.com Import Tool?
http://sync-io.net/MD2ISA.aspx

Actually I was thinking of writing an IDS plug-in to ISA, but Snort3.0 is coming out at the end of the year and it would be pointless for me to compete with that.

Also an asp.net web page based on the Access Check Tool would be nice so that each domain user can check their own Internet access without having to ask the admin for a list of allowed domains.

Hi Fix again,

is this tool really working ? when i try to surf to http://www.malwaredomains.com/files/domain.txt it gives me page can not be displayed.

can you double check please.

(in reply to fixitchris)

Post #: 21

Featured Links*

RE: User Access Check tool - 4.May2008 9:25:00 AM

dglosser

Posts: 2
Joined: 4.May2008
Status: offline

www.malwaredomains.com/files/domains.txt

< Message edited by dglosser -- 4.May2008 2:09:53 PM >

(in reply to ITEngineer)

Post #: 22

RE: User Access Check tool - 4.May2008 9:48:21 AM

ITEngineer

Posts: 256
Joined: 3.Feb.2006
Status: offline

have you tried the link ? its giving page not found

(in reply to dglosser)

Post #: 23

RE: User Access Check tool - 4.May2008 11:35:49 AM

fixitchris

Posts: 118
Joined: 23.May2007
Status: offline

ITENG I answered your post regarding MalwareDomains here http://forums.isaserver.org/m_2002065825/mpage_1/key_/tm.htm#2002066342

(in reply to ITEngineer)

Post #: 24

RE: User Access Check tool - 4.May2008 11:42:48 AM

ITEngineer

Posts: 256
Joined: 3.Feb.2006
Status: offline

Thanks.

Will check it there.

(in reply to fixitchris)

Post #: 25

RE: User Access Check tool - 4.May2008 2:10:58 PM

dglosser

Posts: 2
Joined: 4.May2008
Status: offline

domains.txt, plural. somehow the display was good but the link was bad. My bad.

Also, lines with a comment (#) in the first column are NOT active: false positives, inactive domains, or duplicates....

< Message edited by dglosser -- 4.May2008 2:13:44 PM >

(in reply to ITEngineer)

Post #: 26

RE: User Access Check tool - 6.May2008 11:46:05 AM

paulo.oliveira

Posts: 727
Joined: 3.Jan.2008
From: Amazonas, Brazil
Status: offline

Hi fixitchris,

I�m currently using ISA 2006 and my clients are webproxys or secureNAT. Do you have or know a free software to check what websites are they visiting? The original ISA reports does not show this essencial information in nowdays!!

Thanks and congratulations on your software it�s really great!!

PS: Maybe you can add this feature to your software... what do you think?

(in reply to fixitchris)

Post #: 27

RE: User Access Check tool - 7.May2008 3:37:28 PM

elmajdal

Posts: 5024
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline

Hi Paulo,

check my article here : Creating Detailed Reports Using ISA Server 2006 & Excel

HTH,
Tarek

_____________________________

Tarek Majdalani

MS Forefront Edge Security MVP
Website : http://www.elmajdal.net/ISAServer
New Section : http://www.elmajdal.net/Win2k8

(in reply to paulo.oliveira)

Post #: 28

RE: User Access Check tool - 7.May2008 3:49:35 PM

elmajdal

Posts: 5024
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline

Hi Chris,

i just tried you latest build and i think the result for the deny rule is wrong.

i have a rule for example:

Deny >Http/Https > From a Computer Set > To External Except mail.company.com > AD Group

The result under the deny tab is as follows :

Protocols :

Http Allowed
Https Allowed

Computers/Url Set/ Domains

mail.company.com Denied

_____________________________

Tarek Majdalani

MS Forefront Edge Security MVP
Website : http://www.elmajdal.net/ISAServer
New Section : http://www.elmajdal.net/Win2k8

(in reply to fixitchris)

Post #: 29

RE: User Access Check tool - 7.May2008 4:52:26 PM

fixitchris

Posts: 118
Joined: 23.May2007
Status: offline

UPDATE: http://www.sync-io.net/Files/ISA_UserAccessChk_Binary.zip
Binary updated to show correct rule action for denied and disabled rules.

You're right... I created a rule:

DENY > HTTP/HTTPS > FROM COMPUTER1 > TO EXTERNAL EXCEPT DOMAIN.COM > AD USER

and I get

External is Allowed
Http/Https is Allowed
DOMAIN.COM is Denied

This is how the data is represented by ISA. I think the logic is that -1 * -1 = 1, in other words:

DENY RULE * ALLOW HTTP = DENY HTTP
DENY RULE * DENY domain.com = ALLOW domain.com

< Message edited by fixitchris -- 7.May2008 5:31:40 PM >

(in reply to elmajdal)

Post #: 30

RE: User Access Check tool - 9.May2008 3:49:26 AM

elmajdal

Posts: 5024
Joined: 16.Sep.2004
From: Lebanese in Kuwait
Status: offline

Hi Chris,

Denies rules Reports are accurate now.

Thanks.

By the way, i think you should remove the : NOTE: Report does not include disabled or denied rules.

and can you please the default text GATEWAY.

Thanks

_____________________________

Tarek Majdalani

MS Forefront Edge Security MVP
Website : http://www.elmajdal.net/ISAServer
New Section : http://www.elmajdal.net/Win2k8

(in reply to fixitchris)

Post #: 31

RE: User Access Check tool - 9.May2008 12:21:14 PM