• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Blacklist / Blocklist URL Set

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> Access Policies >> Blacklist / Blocklist URL Set Page: [1]
Login
Message << Older Topic   Newer Topic >>
Blacklist / Blocklist URL Set - 26.May2009 12:14:59 PM   
markrailton

 

Posts: 24
Joined: 19.May2009
Status: offline
Hi All,

Could some one possibly point me in the right direction with this, I have setup a blacklist/block list URL set as an exception for a access rule but i want to know is it possible to get this url set to update daily from a particular source online.

Im aware that there are services out there that you pay for but seem to be compatible only for DansGuardian

i have a decent url set but appears outdated after reviewing a few reports people on the network are browsing non-work related material.


Cheers,


Thanks
Post #: 1
RE: Blacklist / Blocklist URL Set - 27.May2009 11:28:03 AM   
FlashPan

 

Posts: 30
Joined: 11.Feb.2009
Status: offline
Hi,

One tool I use you can find here.

http://sync-io.net/go/www/Products/ISATools.aspx

It will work for domains that have been flagged as malware.  Better than nothing though

Hope this helps.

Cheers

(in reply to markrailton)
Post #: 2
RE: Blacklist / Blocklist URL Set - 27.May2009 11:35:41 AM   
pwindell

 

Posts: 2244
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
www.OpenDNS.com



_____________________________

Phillip Windell

(in reply to markrailton)
Post #: 3
RE: Blacklist / Blocklist URL Set - 27.May2009 12:03:38 PM   
markrailton

 

Posts: 24
Joined: 19.May2009
Status: offline
Hi ,

thanks alot for the reply but how would i get this openDNS service to work in the way i mentioned, how i would intergrate this with ISA itself?


Really Appreciate the reply


Thank you

(in reply to pwindell)
Post #: 4
RE: Blacklist / Blocklist URL Set - 27.May2009 12:17:31 PM   
pwindell

 

Posts: 2244
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
It is not integrated into the ISA. The ISA is not even involved.

You just change your DNS Forwarders from what they are now to the two IP#s of the OpenDNS DNS servers.  You then create an account on their site and use the account to setup the Domains and/or catagories of Domains that you want it to block.

The OpenDNS people maintain those block lists which you could never hope to do.

_____________________________

Phillip Windell

(in reply to markrailton)
Post #: 5
RE: Blacklist / Blocklist URL Set - 28.May2009 1:20:04 PM   
markrailton

 

Posts: 24
Joined: 19.May2009
Status: offline
Hi,


Thanks alot for the help this has helped me in a really BIG way, but i have one more concern about this service by openDNS, can this applied to specifically to a server instead of DNS that effects domain wide.

Can this be applied only to a ISA server so that it does lookups on those DNS addresses provided by openDNS but the trick here is that my PC will use my dns settings provided by dhcp to do the lookup therefore even if i proxy threw my ISA server which has the openDNS addresses, sites still dont get blocked by that service.

any suggestions would be appreciated.


Thanks for the help so far

(in reply to pwindell)
Post #: 6
RE: Blacklist / Blocklist URL Set - 28.May2009 2:15:58 PM   
pwindell

 

Posts: 2244
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
They are just "replacement" forwarders.  So you have to "do the math" there.  What you are asking is if some machine. on my LAN can use one Forwarder and other machines use a different Forwarder.  The answer is a simple no,...why?,...because none of your machine are using Forwards to start with,...only your DCs use the Forwarders,...everything else uses the DC/DNS only.

_____________________________

Phillip Windell

(in reply to markrailton)
Post #: 7
RE: Blacklist / Blocklist URL Set - 28.May2009 2:19:06 PM   
pwindell

 

Posts: 2244
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
I need to add to that last post.

Keep in mind that you are not supposed to "go crazy" with blocking things with Open DNS.  You only setup the catagories with OpenDNS in a more conservative way,...only do things that are Global to the whole LAN.  The idea is the lessen what you had to do on the ISA itself.  Then after that,... you do more specific and more "targeted" blocks with the ISA.

_____________________________

Phillip Windell

(in reply to pwindell)
Post #: 8

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> Access Policies >> Blacklist / Blocklist URL Set Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts