RE: Blocking a Specific URL
- From: "Ball, Dan" <DBall@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 10 Jan 2006 23:21:12 -0500
No, that is an inbound Web page (port 80) request.
-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Tuesday, January 10, 2006 11:18 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Blocking a Specific URL
http://www.ISAserver.org
Is this a VPN client connection?
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**
> -----Original Message-----
> From: Ball, Dan [mailto:DBall@xxxxxxxxxxx]
> Sent: Tuesday, January 10, 2006 9:56 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Blocking a Specific URL
>
> http://www.ISAserver.org
>
> Strange reaction, something is not right. When I put that policy in
> place, access to the main web server are also blocked...
>
> Here is the firewall log for one connection, the source and
> destination
> network are the same for some reason...
>
> Original Client IP Client Agent Authenticated Client Service
> Server Name Referring Server Destination Host Name
> Transport MIME Type Object Source Source Proxy
> Destination Proxy Bidirectional Client Host Name Filter
> Information Network Interface Raw IP Header Raw Payload
> Source Port Processing Time Bytes Sent Bytes Received Result
> Code HTTP Status Code Cache Information Error
> Information Log Record Type Log Time Destination IP
> Destination Port Protocol URL Action Rule Client
> IP Client Username Source Network Destination Network HTTP
> Method
> 24.177.165.170 GATEWAY -
> TCP
> - -
> 4050 0 0 0 0x0 0x0 0x0 Firewall
> 1/10/2006 10:50:05 PM 207.75.63.2 80 HTTP -
> Initiated Connection Local Only Page Block 24.177.165.170
> External - Charter & Merit Networks External - Charter & Merit
> Networks -
>
>
> -----Original Message-----
> From: Ball, Dan [mailto:DBall@xxxxxxxxxxx]
> Sent: Tuesday, January 10, 2006 10:43 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Blocking a Specific URL
>
> http://www.ISAserver.org
>
> Still trying to get that working, it's not acting the way I expect.
>
> The actual URL is more like:
> http://www.domain.org/scripts/program.exe/Service=ProgramB/seplog01.w
> I blocked that URL and this variant of it:
> http://www.domain.org/scripts/program.exe/Service=ProgramB*
>
>
>
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
> Sent: Tuesday, January 10, 2006 2:26 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Blocking a Specific URL
>
> http://www.ISAserver.org
>
> That's a very logical approach and yes, it will work.
> Is there something else as part of "B" that may be more useful?
>
> -------------------------------------------------------
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://isaserver.org/Jim_Harrison/
> http://isatools.org
> Read the help / books / articles!
> -------------------------------------------------------
>
>
> -----Original Message-----
> From: Ball, Dan [mailto:DBall@xxxxxxxxxxx]
> Sent: Tuesday, January 10, 2006 10:46
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Blocking a Specific URL
>
> http://www.ISAserver.org
>
>
> I'm trying to figure out how to block a specific URL on our Webserver.
>
>
>
> Specifically, our student database uses parameters to access different
> programs instead of different URLs.
>
>
>
> For example:
>
> http://www.domain.org/database.exe/parameter=A
> <http://www.domain.org/database.exe/parameter=A> opens one program,
> while
>
> http://www.domain.org/database.exe/parameter=B opens an entirely
> different program.
>
>
>
> I want to leave program A accessible from the Internet, but block
> program B.
>
>
>
> So, I created a firewall access policy on the ISA server
> denying access
> from External networks to a URL set containing
> http://www.domain.org/database.exe/parameter=B.
>
>
>
> Is this the best way to do it?
>
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> All mail to and from this domain is GFI-scanned.
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> dball@xxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> dball@xxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
dball@xxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts: