RE: ISA 2004 blocking XP local loopback

Hi Tom.
I don't see your reply.  Do you mind sending again?
_______________________________________________
Eric Poole, CISSP
Senior Information Security Analyst
Community Medical Centers
1140 "T" Street, Fresno, California 93721
559-459-6784 (phone) 559-459-2045 (fax)
 

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Monday, January 16, 2006 8:54 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: ISA 2004 blocking XP local loopback

http://www.ISAserver.org

Hi Eric,

Try what I said.

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
**Who is John Galt?**

 

> -----Original Message-----
> From: Eric Poole [mailto:EPoole@xxxxxxxxxxxxxxxxxxxx]
> Sent: Monday, January 16, 2006 10:49 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: ISA 2004 blocking XP local loopback
> 
> http://www.ISAserver.org
> 
> Ok, here's the results.
> 
> The del command got rid of a ton of scripts from the temporary 
> internet files.
> 
> After launching IE and running the dir command I get file not found.
> _______________________________________________
> Eric Poole, CISSP
> Senior Information Security Analyst
> Community Medical Centers
> 1140 "T" Street, Fresno, California 93721
> 559-459-6784 (phone) 559-459-2045 (fax)
>  
> 
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
> Sent: Saturday, January 14, 2006 12:36 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: ISA 2004 blocking XP local loopback
> 
> http://www.ISAserver.org
> 
> I might have considered that if the error was not IE-generated as 
> opposed to some AX control or user-side script error.
> 
> Here's the upshot...
> IE attempts to make a proxy connection for any IP address (yes, 
> including 127/8) when it's configured as either:
> 1. "auto-detect" or "config url" and either
>   - no script is received
>   - the script forces this behavior
> 2. "use a proxy server" and "bypass" is unchecked
> 
> Eric also stated that IE was configured to obtain the script from 
> http://fchap082.cmcinet.org:8080/array.dll?Get.Routing.Script.
> This is why I was interested in the contents of the script.
> 
> I did lie, though - the file to be searched for and deleted was not 
> "array.dll", but "array*.script".
> 
> Eric, could you retry with that filename?
> 
> --------------------------------------------
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://isaserver.org/Jim_Harrison/
> http://isatools.org
> Read the help / books / articles!
> --------------------------------------------
> -----Original Message-----
> From: Young, Gerald G [mailto:Gerald.Young@xxxxxxxxxx]
> Sent: Saturday, January 14, 2006 11:17 AM
> To: [ISAserver.org Discussion List]
> Subject: RE: [isalist] RE: ISA 2004 blocking XP local loopback
> 
> Eric stated he was connecting to a database via IE.  While IE is the 
> client, there still needs to be some kind of interface with the 
> database, most likely a user or system DSN.  And while the command may

> not have worked it's 1) easy to execute and 2) easy to revert from if 
> it doesn't work.
>  
> Nothing wrong with testing. :)  Afterall, even if it doesn't work, you

> now know WinHTTP isn't a problem, which allows you to remove it with 
> certainty from the realm of possible causes.
>  
> Cordially yours,
> Jerry G. Young II
>   MCSE (4.0/W2K)
> Atlanta EES Implementation Team Lead
> HHS Engineering
> Unisys
> 11493 Sunset Hills Rd.
> Reston, VA 20190
> Office: 703-579-2727
> Cell: 703-625-1468
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE 
> PROPRIETARY MATERIAL and is thus for use only by the intended 
> recipient. If you received this in error, please contact the sender 
> and delete the e-mail and its attachments from all computers.
> 
> ________________________________
> 
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
> Sent: Sat 1/14/2006 12:11 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: ISA 2004 blocking XP local loopback
> 
> 
> 
> http://www.ISAserver.org <http://www.ISAserver.org/>
> 
> IE still uses WinInet and proxycfg only affects WinHTTP.
> That commands while useful for WinHTTP-based clients (BITS, OL2K3, 
> etc.) and is completely useless for IE-based connections.
> 
> --------------------------------------------
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://isaserver.org/Jim_Harrison/
> http://isatools.org <http://isatools.org/> Read the help / books / 
> articles!
> --------------------------------------------
> 
> -----Original Message-----
> From: Young, Gerald G [mailto:Gerald.Young@xxxxxxxxxx]
> Sent: Friday, January 13, 2006 1:06 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: ISA 2004 blocking XP local loopback
> 
> http://www.ISAserver.org <http://www.ISAserver.org/>
> 
> Eric,
> 
> Here's one other thing to try.  At the command prompt, execute the 
> following command:
> 
> proxycfg -p <web proxy ip:port>
> 
> If that doesn't work, use the following command to reset it:
> 
> proxycfg -d
> 
> Cordially yours,
> Jerry G. Young II
>   MCSE (4.0/W2K)
> Atlanta EES Implementation Team Lead
> HHS Engineering
> Unisys
> 
> 11493 Sunset Hills Rd.
> Reston, VA 20190
> Office: 703-579-2727
> Cell: 703-625-1468
> 
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE 
> PROPRIETARY MATERIAL and is thus for use only by the intended 
> recipient. If you received this in error, please contact the sender 
> and delete the e-mail and its attachments from all computers.
> -----Original Message-----
> From: Eric Poole [mailto:EPoole@xxxxxxxxxxxxxxxxxxxx]
> Sent: Friday, January 13, 2006 3:53 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: ISA 2004 blocking XP local loopback
> 
> http://www.ISAserver.org <http://www.ISAserver.org/>
> 
> Hmmm, here's what I get, keep in mind that everything else works like 
> it should.
> 
> When I type the del command I get "Could Not Find C:\*array.dll*"
> 
> After I reload the script and type the dir command I get "File Not 
> Found"
> 
> Same thing if I change it to "Automatically detect proxy server" and 
> type dir, I get "File Not Found".
> 
> Like I said, everything else is working as it should.  It has to be 
> getting the correct script changes.  I can see the traffic change from

> one ISA to the next as I change script settings.
> 
> 
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
> Sent: Friday, January 13, 2006 12:27 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: ISA 2004 blocking XP local loopback
> 
> http://www.ISAserver.org <http://www.ISAserver.org/>
> 
> Nope - that won't work in this case.
> 
> Eric, do you know for certain that the browser is getting the wpad 
> script?
> You can tell by:
> 1. close all IE sessions
> 2. open a cmd window
> 3. type 'del \*array.dll* /s'
> 4. open IE and retry the connection
> In the cmd window type 'dir \*array.dll* /s'
> 
> ..do you see any new scripts?
> -------------------------------------------------------
>    Jim Harrison
>    MCP(NT4, W2K), A+, Network+, PCG
>    http://isaserver.org/Jim_Harrison/
>    http://isatools.org <http://isatools.org/> 
>    Read the help / books / articles!
> -------------------------------------------------------
> 
> 
> -----Original Message-----
> From: Mark Morgan [mailto:MMorgan@xxxxxxxxxxxxxxxxxxxxx]
> Sent: Friday, January 13, 2006 12:20
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: ISA 2004 blocking XP local loopback
> 
> http://www.ISAserver.org <http://www.ISAserver.org/>
> 
> 
> http://support.microsoft.com/kb/262981/?sd=RMVP
> 
> Thank You
> Mark J Morgan
> Palm Drive Hospital
> 501 Petaluma Ave. Sebastopol, Ca. 95472
> Email:    mmorgan@xxxxxxxxxxxxxxxxxxxxx
> Voice:    (707) 829-4242
> Fax:       (707) 829-4112
> Mobile    (707) 849-5576
> 
> IMPORTANT Notice: The information contained in this e-mail, including 
> any attachments or other embedded messages, is legally privileged and 
> confidential and is intended only for the use of the individual or 
> entity to whom it is addressed. If the reader of this message is not 
> the intended recipient or an agent responsible for delivering it to 
> the intended recipient, you are hereby notified that any viewing, 
> dissemination, distribution, retransmitting, or copying of this e-mail

> message is strictly prohibited. If you have received and/or are 
> viewing this e-mail in error, please notify the sender immediately by 
> reply e-mail, and delete this and all copies of this communication 
> from your systems. Thank you.
> 
> 
> -----Original Message-----
> From: Eric Poole [mailto:EPoole@xxxxxxxxxxxxxxxxxxxx]
> Sent: Friday, January 13, 2006 12:02 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: ISA 2004 blocking XP local loopback
> 
> http://www.ISAserver.org <http://www.ISAserver.org/>
> 
> Oops, sorry.
> "Use automatic configuration script" is checked and the default 
> address that ISA creates is in for the address.
> Example - ISA 2004 -
> http://fchap082.cmcinet.org:8080/array.dll?Get.Routing.Script
> 
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
> Sent: Friday, January 13, 2006 11:57 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: ISA 2004 blocking XP local loopback
> 
> http://www.ISAserver.org <http://www.ISAserver.org/>
> 
> ..and the proxy settings?
> 
> 
> -------------------------------------------------------
>    Jim Harrison
>    MCP(NT4, W2K), A+, Network+, PCG
>    http://isaserver.org/Jim_Harrison/
>    http://isatools.org <http://isatools.org/> 
>    Read the help / books / articles!
> -------------------------------------------------------
> 
> 
> -----Original Message-----
> From: Eric Poole [mailto:EPoole@xxxxxxxxxxxxxxxxxxxx]
> Sent: Friday, January 13, 2006 11:32
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: ISA 2004 blocking XP local loopback
> 
> http://www.ISAserver.org <http://www.ISAserver.org/>
> 
> It's a local database that is accessed via http://127.0.0.1:8080 
> <http://127.0.0.1:8080/>  in IE.
> _______________________________________________
> Eric Poole, CISSP
> Senior Information Security Analyst
> Community Medical Centers
> 1140 "T" Street, Fresno, California 93721
> 559-459-6784 (phone) 559-459-2045 (fax)
> 
> 
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
> Sent: Friday, January 13, 2006 11:08 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: ISA 2004 blocking XP local loopback
> 
> http://www.ISAserver.org <http://www.ISAserver.org/>
> 
> What is the application; IE, Firefox, etc.?
> What are the proxy settings on that app?
> 
> 
> -------------------------------------------------------
>    Jim Harrison
>    MCP(NT4, W2K), A+, Network+, PCG
>    http://isaserver.org/Jim_Harrison/
>    http://isatools.org <http://isatools.org/> 
>    Read the help / books / articles!
> -------------------------------------------------------
> 
> 
> -----Original Message-----
> From: Eric Poole [mailto:EPoole@xxxxxxxxxxxxxxxxxxxx]
> Sent: Friday, January 13, 2006 10:15
> To: [ISAserver.org Discussion List]
> Subject: [islist] ISA 2004 blocking XP local loopback
> 
> http://www.ISAserver.org <http://www.ISAserver.org/>
> 
> 
> Ok, I've been looking for the answer to this for about 45min. 
>  Why would
> ISA 2004 block a workstation from getting to 127.0.0.1?  Same 
> workstation going through ISA 2000 is able to access it's local 
> loopback.  Someone enlighten me please!
> 
> _______________________________________________
> Eric Poole, CISSP
> Senior Information Security Analyst
> Community Medical Centers <http://communitymedical.org/> 1140 "T"
> Street, Fresno, California 93721
> 559-459-6784 (phone) 559-459-2045 (fax)
> 
> 
> 
> 
> All mail to and from this domain is GFI-scanned.
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com <http://www.techgenix.com/>
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> gerald.young@xxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 
> 
> All mail to and from this domain is GFI-scanned.
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> epoole@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> -------------------------------------------------------
> WARNING/CONFIDENTIAL: 
> -------------------------------------------------------
> This email, including attachments, may contain information that is 
> privileged, confidential, and/or exempt from disclosure under 
> applicable law (including, but not limited to, protected health 
> information).  It is not intended for transmission to, or receipt by, 
> any unauthorized persons.  If the reader of this message is not the 
> intended recipient you are hereby notified that any dissemination, 
> distribution or copying of this communication is strictly prohibited.

> If you believe this email was sent to you in error, do not read it.
>  Reply to the sender informing them of the error and then destroy all 
> copies and attachments of the message from your
> system.   Thank you.
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:

> tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
epoole@xxxxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
-------------------------------------------------------
WARNING/CONFIDENTIAL: 
-------------------------------------------------------
This email, including attachments, may contain information that is privileged, 
confidential, and/or exempt from disclosure under applicable law (including, 
but not limited to, protected health information).  It is not intended for 
transmission to, or receipt by, any unauthorized persons.  If the reader of 
this message is not the intended recipient you are hereby notified that any 
dissemination, distribution or copying of this communication is strictly 
prohibited.  If you believe this email was sent to you in error, do not read 
it.   Reply to the sender informing them of the error and then destroy all 
copies and attachments of the message from your system.   Thank you.



Other related posts: