Discussion about article on site blocking (Full Version)

All Forums >> [ISA Server 2004 Firewall] >> Access Policies



Message


tshinder -> Discussion about article on site blocking (27.Apr.2005 3:13:00 PM)

This thread is for discussing Greg Mulholland's article on using the ISA firewall for site blocking at http://isaserver.org/articles/2004firewallblocklist.html

Thanks!
Tom

[ April 27, 2005, 03:25 PM: Message edited by: tshinder ]




StageElectrics -> RE: Discussion about article on site blocking (27.Apr.2005 4:42:00 PM)

Hi there!

Can you tell me how can I make the ISA 2004 to scan each web page for keywords and block the page if any keywords match the black list of keywords. For example I want to block every page that has the "teen" word in it. Is it possible?

Thanks
Stage Electrics




rjodwyer -> RE: Discussion about article on site blocking (27.Apr.2005 5:09:00 PM)

Hey,

Great article, have been waiting for how to configure this on ISA2004 for some time.

What I would like to know is, is it possible to allow some users past the blacklist? if the ISA is in domain, can i tell it that the rule applies to domain users only? etc?

Many thanks,
Ryan O'Dwyer




tshinder -> RE: Discussion about article on site blocking (27.Apr.2005 5:15:00 PM)

quote:
Originally posted by Stage Electrics:
Hi there!

Can you tell me how can I make the ISA 2004 to scan each web page for keywords and block the page if any keywords match the black list of keywords. For example I want to block every page that has the "teen" word in it. Is it possible?

Thanks
Stage Electrics

Hi Stage,

Yes, you can use the HTTP Security Filter signatures to do this. I'll put this on the article list for upcoming articles.

Thanks!
Tom




tshinder -> RE: Discussion about article on site blocking (27.Apr.2005 5:17:00 PM)

quote:
Originally posted by Ryan O'Dwyer:
Hey,

Great article, have been waiting for how to configure this on ISA2004 for some time.

What I would like to know is, is it possible to allow some users past the blacklist? if the ISA is in domain, can i tell it that the rule applies to domain users only? etc?

Many thanks,
Ryan O'Dwyer

Hi Ryan,

You bet. You can create the rule to apply to all user *except* the group in question, on the Users tab of the rule.

This will turn the rule into an authenticated access rule, so you'll have to be careful where to place it in relation to your anonymous access rules.

HTH,
Tom




denizyalcin -> RE: Discussion about article on site blocking (27.Apr.2005 6:46:00 PM)

Hi all,

I'm already using such a URL filter but instead of using just one massive URL block I do categorize my filters. I know that it will take a huge time to have a succesful filter but I'm not going to analyze and filter those unproductive site visits for a long time.

My goal by doing categorized filter lists is to show specialized warnings to the users. It will especially be useful for our goverment users. For some types of websites I need to show official warnings to the employees and for other types I need specified warnings which would embarrass and warn them [Wink] This way, I think I could force them to use the internet in a more productive way.

I haven't prepared those warning pages yet but I would like to get those pages from a local drive. There is a checkbox in the "Action" tab of Access Policy properties which says "Redirect HTTP requests to this Web page". Is it possible to point this webpage to a local file on the ISA box ?




isawader -> RE: Discussion about article on site blocking (27.Apr.2005 11:32:00 PM)

If I have a URL set with 500 entries, how will this affect the ISA's performance. I would imagin ISA needs to go through each URL entry for every outgoing traffic and do authentication on top of it. Hopefully ISA uses something like hash tables for searching.




tshinder -> RE: Discussion about article on site blocking (28.Apr.2005 1:03:00 AM)

Hi ISA,

I've tested with over 100,000 entries will little effect on performance.

HTH<
Tom




amitrkothari -> RE: Discussion about article on site blocking (28.Apr.2005 5:25:00 AM)

To block the specific keywords, you can use Signature configuration in HTTP Filtering... I tried with all the messenger.

I start the Etherreal and capture the ongoing traffic URL. Search any keyword and block it in Signature section.

This way you can block Rediff, Hotmail, Yahoo attachments also.

Amit kothari
TATA BPO
Network Administrator




helfirex -> RE: Discussion about article on site blocking (2.May2005 11:43:00 PM)

I would be very intrested in using the http filter to block specific words. Look forward to the article tom.

Chris




huma -> RE: Discussion about article on site blocking (3.May2005 7:46:00 AM)

hi

i want to block any web page thats URL contain the keyword "sex" any where in it (in start, mid or end of URL) is it possible in isa server 2000 and isa server 2004 , if it is so tell me the whole procedure




tahsin -> RE: Discussion about article on site blocking (3.May2005 11:16:00 AM)

Hello,
How I can apply these applications on ISA Server 2000. Thank you.




Guest -> RE: Discussion about article on site blocking (4.May2005 5:12:00 PM)

Hi, great article ! Have a question though, am i doing something wrong ?

Take for example the URL "fateback.com".
Through the IE you can access the site both by "http://www.fateback.com" and "http://fateback.com". However, by blocking "http://fateback.com" y can still access it by using "http://www.fateback.com"

Am i doing something wrong or is it supposed to work like this ?

I've tried blocking "http://*.fateback.com" and it works, but is this how it is suppossed to be done ?

ps: This doesnt happen only with that address, i've tried it with many on the blocked lists from the article.

Best regards,
Alan




Guest -> RE: Discussion about article on site blocking (18.May2005 10:01:00 AM)

Is there any way to block via IP and except via IP instead of user name?




Guest -> RE: Discussion about article on site blocking (18.May2005 10:21:00 AM)

Forget that last post ... Got it.

You can get exceptions by looking at the rule after it is created but not before ... still keeps throwing me in comparison to ISA2K.




gtjr92 -> RE: Discussion about article on site blocking (24.May2005 5:56:00 PM)

How can i import these lists into ISA Server 2000??
Thanks




cybernard -> RE: Discussion about article on site blocking (6.Jun.2005 5:39:00 AM)

I have followed http://isaserver.org/articles/2004firewallblocklist.html article using same xml block lists, but for some reason it does not work ??




bimbis -> RE: Discussion about article on site blocking (6.Jun.2005 6:36:00 AM)

Hi,
Check this out i have tried this http://blacklists.w.interia.pl/index_b2004.htm

it works

Bimbis




ISA_NL -> RE: Discussion about article on site blocking (6.Jun.2005 6:45:00 AM)

But how does this works for isa2000,.
I cant get it in my isa 2000 environment.

plz help




ISA_NL -> RE: Discussion about article on site blocking (7.Jun.2005 5:53:00 AM)

Tshinder,

Plz help us with importing the blacklist into isa 2000 , i think very much peoople want that...

PLz reaction,

GreetZ isa_nl




Page: [1] 2 3 4   next >   >>