RE: Kazaa filters

Check your ISA logs for that client's requests.
As Tom pointed out, if the app is using anything other than HTTP, the filter 
signatures are useless.

 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://www.microsoft.com/isaserver
 http://isaserver.org/Jim_Harrison
 http://isatools.org

 Read the help, books and articles!
----- Original Message ----- 
From: "Greg Mulholland" <gmulholland@xxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, July 20, 2004 15:52
Subject: [isalist] RE: Kazaa filters


http://www.ISAserver.org

Jim 

I used tis link as a ref
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/commonapplica
tionsignatures.mspx

I then added each of the ones I wanted to apply to  temp "allow all"
rule in the firewall policy. But as Tom points out, ill need to lock
down the other ports before I think this will have full effect. I
haven't got this far as yet, but I was wondering if anyone had applied
it successfully yet.

Thanks


Greg Mulholland
Krystaltek Solutions
greg@xxxxxxxxxxxxxx
www.krystaltek.com

-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] 
Sent: Tuesday, July 20, 2004 11:35 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Kazaa filters

http://www.ISAserver.org

Where did you find these filters and exactly how did you create them in
the  HTTP Filter?

  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/Jim_Harrison/
  http://isatools.org
  Read the help / books / articles!


On Tue, 20 Jul 2004 10:59:00 +1000
 "Greg Mulholland" <gmulholland@xxxxxxxxxxxxxxx> wrote:
http://www.ISAserver.org

 
Yeah thanks John, a very valid point. I guessed I jumped the gun on that
one, cmon im bored, its just me and my ankle here.

Alright then, has anyone yet delved into the http filter and blocking
signatures for kazaa and msn and the like. I found some signatures for
kazaa yesterday and entered them in but it didn't seem to make any diff.
Interested if anyone has played with this yet. Isa 2004 of course

Greg Mulholland
Krystaltek Solutions
greg@xxxxxxxxxxxxxx
www.krystaltek.com

-----Original Message-----
From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
Sent: Tuesday, July 20, 2004 10:41 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Smtp filter script

http://www.ISAserver.org

What, you do not want my advice?

:-(....

Actually, that would mean very little to you, as most spam now is using
a forged sender.

Come on Greg, do you really think it would be that easy for some one
down under?

John Tolmachoff
Engineer/Consultant/Owner
eServices For You


> -----Original Message-----
> From: Greg Mulholland [mailto:gmulholland@xxxxxxxxxxxxxxx]
> Sent: Monday, July 19, 2004 5:28 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Smtp filter script
> 
> http://www.ISAserver.org
> 
> 
> Hey gang
> 
> Im wondering if anyone would have a solution for me at all (Joseph, 
> Jim). What im looking to do is to pull all the spam sender email 
> addresses from a mailbox folder and import them into the smtp filter.
> Most likely via a script. If I knew how to do it I'd do it myself, 
> alas I have to hunt one down.
> 
> Any ideas or scripts welcome
> 
> Greg Mulholland
> Krystaltek Solutions
> greg@xxxxxxxxxxxxxx
> www.krystaltek.com
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com Leading 
> Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org Windows 
> Security Resource Site: http://www.windowsecurity.com/ Network 
> Security Library: http://www.secinf.net/ Windows 2000/NT Fax
> Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> johnlist@xxxxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gmulholland@xxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
gmulholland@xxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist



Other related posts: