Re: Authentication on outgoing web requests on ISA
- From: mathif@xxxxxxxxxxxxxxx
- To: isalist@xxxxxxxxxxxxx
- Date: Sun, 18 Apr 2004 10:11:20 +0300
Thanks a lot for the explanation. After reading your explanation, I have
found this KB article
http://support.microsoft.com/default.aspx?scid=kb;en-us;288571&Product=ISAS
-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Sunday, 18 April 2004 4:15 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Authentication on outgoing web requests on ISA
http://www.ISAserver.org
This is normal behavior for almost every browser on this planet. It
generates the anonymous requests for every link it asks for. ISA also logs
every request it receives from a client. Since authentication traffic can
take up to 4 request/response cycles, you'll see them all as "anonymous".
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver
http://isaserver.org/Jim_Harrison
http://isatools.org
Read the help, books and articles!
----- Original Message -----
From: <mathif@xxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Saturday, April 17, 2004 07:37
Subject: [isalist] Re: Authentication on outgoing web requests on ISA
http://www.ISAserver.org
Hi jim,
Thanks for the response. Yes I can see that succesful connection from the
log for "RIYADH\jtena" . Actually, my question is why is it anonymous for
the first 2-3 requests and then we culd see "RIYADH\jtena" . But, initially,
it was anonymous, why?? Is it the normal behavior of ISA? IF so Can we
overcome this?? I have also specified authentication on outgoing web request
then why does it show anonymous initially Is there any KB article explaining
this behavior??
Yes, actually iam trying to block these spywares with the help of ISA LOGS,
understading SC-Result codes.
Thanks,
Athif
-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Saturday, 17 April 2004 5:24 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Authentication on outgoing web requests on ISA
http://www.ISAserver.org
Quit using hotbar.
It and Gator (that comes with it) are some of the worst spyware apps on the
Internet.
The only successful connection (sc-result = 200) wasn't anonymous:
172.20.45.79, RIYADH\jtena, Mozilla/4.0 (compatible; MSIE 5.01; Windows NT
5.0; Hotbar 4.4.2.0), Y, 4/16/2004, 0:14:38, w3proxy, IT-ISA01, -,
212.93.193.87, 212.93.193.87, 8080, 500, 488, 495, http, -, GET,
http://spweather.whenu.com/summary/SA/XX/0017.html
<http://spweather.whenu.com/summary/SA/XX/0017.html> , -, Upstream, 200, -,
Your username "RIYADH\jtena" is clearly listed in the log.
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver
http://isaserver.org/Jim_Harrison
http://isatools.org
-----------------------------------------------------
This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom/which they are
addressed. If you have received this email in error please notify the system
manager at the following email address: sadmin@xxxxxxxxxxxxxxx
<mailto:sadmin@xxxxxxxxxxxxxxx>. Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Al Faisaliah Group. Internet communications
cannot be guaranteed to be secure or error-free as information could be
intercepted, corrupted, lost, arrive late or contain viruses. The sender
therefore does not accept liability for any errors or omissions in the
context of this message, which arise as a result of Internet transmission.
Finally, the recipient should check this email and any attachments for the
presence of viruses. Al Faisaliah Group accepts no liability for any damage
caused by any virus transmitted by this email.
-----------------------------------------------------
Other related posts:
