[isalist] Re: Interesting question...

http://www.ISAserver.org
-------------------------------------------------------
  
Is that ignorance you are showing?  That's funny... It looked like your ass
to me ;))))))))


t


On 3/30/06 5:52 PM, "Steve Moffat" <steve@xxxxxxxxxx> spoketh to all:

> http://www.ISAserver.org
> -------------------------------------------------------
> 
> Showing my ignorance again...:(..I always thought NAT supplied the
> external IP to hide your internals...oh well, one learns something new
> every day about tcp stuff.....
> 
> S
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Jim Harrison
> Sent: Thursday, March 30, 2006 9:51 PM
> To: ISA Mailing List
> Subject: [isalist] Re: Interesting question...
> 
> http://www.ISAserver.org
> -------------------------------------------------------
>   
> Nope - it's not. 
> NAT doesn't break the TCP connection; proxy does.
> 
> This is CERN proxy behavior; the upstream server is blissfully ignorant
> of the "real" client IP.
> It *may * have access to such niceties as user-agent, but those are not
> guaranteed.
> 
> -------------------------------------------------------
>    Jim Harrison
>    MCP(NT4, W2K), A+, Network+, PCG
>    http://isaserver.org/Jim_Harrison/
>    http://isatools.org
>    Read the help / books / articles!
> -------------------------------------------------------
>  
> 
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Steve Moffat
> Sent: Thursday, March 30, 2006 17:31
> To: ISA Mailing List
> Subject: [isalist] Re: Interesting question...
> 
> You are correct, It's doing NAT.
> 
>  
> 
> S
> 
>  
> 
> ________________________________
> 
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Ball, Dan
> Sent: Thursday, March 30, 2006 8:26 PM
> To: ISA Mailing List
> Subject: [isalist] Interesting question...
> 
>  
> 
> I was trying to assist someone with logging traffic, and this is the
> explanation I got...
> 
>  
> 
> ----------Quote----------
> 
> Our network consists of a single Internet filter on the outisde
> 
> (Screendoor) with several ISA 2000 and 2004 servers behind it.  The
> client computer makes a request to a web site that will be blocked by
> screen door, it passes out the ISA server to Screendoor, Screendoor
> blocks it and the client ends up with a page could not be displayed
> message.  Of course Screendoor in that example doesn't know what private
> ip address that request came from only the ISA server does, in my case
> the ISA 2004 server is configured in firewall/cache mode.  Because of
> the problem we had been having with screendoor allowing the bad site to
> load if the user refreshed enough times we told screendoor to redirect
> the user to another site instead of just blocking them.  The redirected
> site will be on our local web server.  What I was asking is if we could
> embed a script of some sort on that local web site that would collect
> their private ip address as well as the local nds/ad username and store
> it in a log file.  I'm trying to avoid requiring the users to login to
> the Internet separately from logging into the network and because the
> Internet filter is outside the firewall integrating it with nds/ad isn't
> really an option either.  We're ultimately moving to a Dansguardian
> solution anyway and possibly several of them (inside each firewall and
> one possibly outside the firwall where Screendoor currently sits) so it
> will become a mute point eventually anyway.
> 
> ----------End Quote----------
> 
>  
> 
> Am I correct to assume that all traffic coming out of the ISA server
> would be stripped of all identifying information, and the server it was
> redirected to would only show the IP of the screendoor/ISA server?
> 
>  
> 
>  
> 
> 
> All mail to and from this domain is GFI-scanned.
> 
> ------------------------------------------------------
> List Archives: http://www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: http://www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 
> 


------------------------------------------------------
List Archives: http://www.freelists.org/archives/isalist/  
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp 
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ 
ISA Server Blogs: http://blogs.isaserver.org/ 
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com 
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp 
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts: