• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Application filter - media play

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> General >> Application filter - media play Page: [1]
Login
Message << Older Topic   Newer Topic >>
Application filter - media play - 25.Sep.2008 3:16:01 AM   
gping

 

Posts: 11
Joined: 22.Jan.2007
Status: offline
I noticed some users were viewing movies or receiving radio via internet.
I checked isa log and see they were using wmplayer.exe.
How can I setup a rule to disable / reject wmplayer.exe?
And alos I setup a rule to reject all outbound traffic with content type = audio and video. Is this a good way or will it cause a lot inconvenience to good users?
Any suggestion is greatly appreciated.
Post #: 1
RE: Application filter - media play - 26.Sep.2008 9:59:48 AM   
pwindell

 

Posts: 2244
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
Pretty much impossible.  "Audio and Video" is only classified as such when it is "streamed" with streaming protocols,...but having a link on  web page to a AVI, MPG, or a WMV file is not "streaming", therefore is not classigied as "Audio / Video",...it is just a link to a file,..it could just as easily been a PDF file.  How does it open in the WMP? or the Acrobate Reader?...well that only happens after the download has finished when Windows opens the file based on the File Associations in Windows,...so the WMP playing the file or the Adobe Reader opening the file never happens "over the internet", it is happening locally on the machine only.

The best you can do is to try to block by the type "audio /video" as you are doing and also try to block by file types,...and use signatures. It takes all the methods combined and still may not work 100%.

Common Application Signatures
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/commonapplicationsignatures.mspx
HTTP Filtering in ISA Server 2004
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/httpfiltering.mspx

_____________________________

Phillip Windell

(in reply to gping)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> General >> Application filter - media play Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts