• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

How to block IP address and Privacy Information through ISA Server

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 General] >> General >> How to block IP address and Privacy Information through ISA Server Page: [1]
Login
Message << Older Topic   Newer Topic >>
How to block IP address and Privacy Information through... - 7.Jun.2009 3:12:31 AM   
mushtash

 

Posts: 43
Joined: 25.Feb.2009
Status: offline
I did Whois for my live WAN IP address it revealed all the information, even my browser information, add-ons etc.
Here some info given below

Remote Port: 40448
Protocol: HTTP/1.1
Connection: Keep-Alive
Proxy Server: 1.1 ISA
IP Behind Proxy: Anonymous Proxy

How can I hide the above information from reveling and do privacy from ISA server 2004 and 2006
Post #: 1
RE: How to block IP address and Privacy Information thr... - 8.Jun.2009 8:48:08 AM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

check this great post on Richard Hicks´ blog: http://tmgblog.richardhicks.com/2009/03/27/using-the-isa-http-filter-to-modify-via-headers-and-prevent-information-disclosure/

Regards,
Paulo Oliveira.

_____________________________

Microsoft Premier Field Engineer (PFE)
Blog: http://poliveirasilva.wordpress.com/
Twitter: https://twitter.com/poliveirasilva

(in reply to mushtash)
Post #: 2
RE: How to block IP address and Privacy Information thr... - 9.Jun.2009 2:44:10 AM   
mushtash

 

Posts: 43
Joined: 25.Feb.2009
Status: offline
Hi Paulo!
I modified the via header in ISA Server 2006 EE as posted in Richard Hick's Blog. But still it discloses the same information.
Any thing else i need to do in ISA ?

(in reply to paulo.oliveira)
Post #: 3
RE: How to block IP address and Privacy Information thr... - 9.Jun.2009 10:05:45 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Make sure to restart the services.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to mushtash)
Post #: 4
RE: How to block IP address and Privacy Information thr... - 9.Jun.2009 4:05:19 PM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
quote:

ORIGINAL: tshinder

Make sure to restart the services.

HTH,
Tom

Also, you have to modify on all ISA´s array members.

Regards,
Paulo Oliveira.

_____________________________

Microsoft Premier Field Engineer (PFE)
Blog: http://poliveirasilva.wordpress.com/
Twitter: https://twitter.com/poliveirasilva

(in reply to tshinder)
Post #: 5
RE: How to block IP address and Privacy Information thr... - 10.Jun.2009 12:51:25 AM   
mushtash

 

Posts: 43
Joined: 25.Feb.2009
Status: offline
Which services to restart exactly. I had restarted Firewall Services and also ISA Server itself. But still the same. I have CSS with single array. I have done header modification from CSS. 

(in reply to mushtash)
Post #: 6
RE: How to block IP address and Privacy Information thr... - 11.Jun.2009 9:19:47 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Are these SecureNAT or Web proxy clients?

Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to mushtash)
Post #: 7
RE: How to block IP address and Privacy Information thr... - 11.Jun.2009 10:53:54 AM   
mushtash

 

Posts: 43
Joined: 25.Feb.2009
Status: offline
Its web proxy client. This makes me wonder, after changes how come ISA reveals the header info.

(in reply to mushtash)
Post #: 8
RE: How to block IP address and Privacy Information thr... - 11.Jun.2009 10:55:39 AM   
adimcev

 

Posts: 380
Joined: 19.Oct.2008
Status: offline
What's the url that you test against ?
Might use some java stuff to get that info from the browser.

Thanks,
Adrian

_____________________________

Blog: http://www.carbonwind.net/blog

Get Our ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to tshinder)
Post #: 9
RE: How to block IP address and Privacy Information thr... - 12.Jun.2009 7:44:08 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Good point. Packet trace would be more reliable.

Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to adimcev)
Post #: 10
RE: How to block IP address and Privacy Information thr... - 12.Jun.2009 5:08:35 PM   
mushtash

 

Posts: 43
Joined: 25.Feb.2009
Status: offline
One of the site I tried is this
http://cqcounter.com/whois/my_ip_address.php
Please try from your end. Lets see the result.

(in reply to mushtash)
Post #: 11
RE: How to block IP address and Privacy Information thr... - 15.Jun.2009 8:58:33 AM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

the information is hidden for me.

Regards,
Paulo Oliveira.

_____________________________

Microsoft Premier Field Engineer (PFE)
Blog: http://poliveirasilva.wordpress.com/
Twitter: https://twitter.com/poliveirasilva

(in reply to mushtash)
Post #: 12
RE: How to block IP address and Privacy Information thr... - 15.Jun.2009 9:46:49 AM   
mushtash

 

Posts: 43
Joined: 25.Feb.2009
Status: offline
Paulo,
How did u try this site from home or work location.As I tried from ADSL pool address the ISP proxy doesn't revel the info. But ISA as my proxy in work environment reveals the info.

(in reply to mushtash)
Post #: 13
RE: How to block IP address and Privacy Information thr... - 15.Jun.2009 10:48:54 AM   
adimcev

 

Posts: 380
Joined: 19.Oct.2008
Status: offline
I'm not behind ISA right now, but I've tried behind TMG Beta 3. And it was hidden. If/when I can, I will try behind an ISA 2006 EE.

Info likely "taken" from your GET request:
from the HTTP Header:
- Proxy Server: 1.1 ISA, with the help of the Via field(as per RFC 2616, section 14.45). What Richard described in his blog entry, is also described in this Microsoft document:
http://technet.microsoft.com/en-us/library/cc302627.aspx
- IP Behind Proxy: Anonymous Proxy, normally would get this with the X-Forwarded-For field. By default ISA does not add that field.
- User Agent:, normal stuff, helps the web server identify the browser and serve content accordingly.

The screen resolution, plugins .etc were displayed using a javascript.
http://n1.dlcache.com/whois/myipaddr.js
For example, just save this as .htm(won't be as pretty as their page):

<html>
<head>
</head>
<body>

<script type="text/javascript" language="JavaScript" src="http://n1.dlcache.com/whois/myipaddr.js"></script>

<script language="javascript">
<!--
uainfo();
//-->
</script> <br />

<script language="javascript">
<!--
uapins();
//-->
</script>

</body>
</html>


As Tom said, try to capture the traffic on ISA's external interface. Also, try with FF with NoScript.
How is configured your ISA(s) ?

Thanks,
Adrian

_____________________________

Blog: http://www.carbonwind.net/blog

Get Our ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to mushtash)
Post #: 14
RE: How to block IP address and Privacy Information thr... - 15.Jun.2009 11:42:15 AM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
quote:

ORIGINAL: mushtash

Paulo,
How did u try this site from home or work location.As I tried from ADSL pool address the ISP proxy doesn't revel the info. But ISA as my proxy in work environment reveals the info.

Hi,

tried from work using ISA 2006 SE and IE 8.

Regards,
Paulo Oliveira.

_____________________________

Microsoft Premier Field Engineer (PFE)
Blog: http://poliveirasilva.wordpress.com/
Twitter: https://twitter.com/poliveirasilva

(in reply to mushtash)
Post #: 15

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 General] >> General >> How to block IP address and Privacy Information through ISA Server Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts