RE: Pop UP Ads

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Sun, 10 Aug 2003 10:44:17 -0500

Hi Shawn,

Great post!

Thanks!
Tom

Thomas W Shinder 
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1 
Configuring ISA Server: http://tinyurl.com/1llp 



-----Original Message-----
From: Quillman Shawn (RBNA/CIT1.1) *
[mailto:Shawn.Quillman@xxxxxxxxxxxx] 
Sent: Friday, August 08, 2003 2:29 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Pop UP Ads


http://www.ISAserver.org



To help narrow things down, go get the GNU port of posix tools for Win32
and
use tail and grep together to watch your log in realtime.  So if the IP
of
the machine you're testing with is 1.2.3.4, then do this:

> tail -f webd20030808.log | grep 1.2.3.4

Then look for the lines that have result codes of something equalling a
deny.  I do this all the time when I open a site for all-out access, but
someone's !$#@% ad site or image host is creating authentication prompts
all
over the place.

-Shawn

-----
Shawn R. Quillman
Robert Bosch Corporation RBNA/CIT1.1
38000 Hills Tech Drive
Farmington Hills, MI  48331
(248) 553-1164 (P)     (248) 848-2855 (F)
shawn.quillman@xxxxxxxxxxxx


-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Friday, August 08, 2003 3:20 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Pop UP Ads


http://www.ISAserver.org


We're talking about two different things:
1. the fix does remove the name lookup requirement for Web Proxy
traffic;
BTDTGTTSWIOTIA.  If you have some evidence other than this particular
issue
to indicate otherwise, I'm all ears (looks funny, but I hear really
well).

2. the problem you still experience stems from the way ISA is comparing
the:
    - request as presented by the client
    - the destinations as listed in the problematic destination set

As I pointed out, it's very much a hit-and-miss process to isolate the
problem entry among 20MB worth of them, since the logs don't tell us
what
the actual match data was.
Consequently, you'll have to try some variation of the standard
half-split
troubleshooting method to reduce the set to the interesting entry.
This is time-consuming, but it's more accurate than the "what's broke?"
method...

 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://www.microsoft.com/isaserver
 http://isaserver.org/Jim_Harrison
 http://isatools.org

 Read the help, books and articles!
----- Original Message ----- 
From: "Frederic Giroux" <fgiroux@xxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Friday, August 08, 2003 11:48
Subject: [isalist] RE: Pop UP Ads


http://www.ISAserver.org


Jim Harrison said...

_________________________________________
That fix does work in that ISA no longer tries to perform name lookups
on
client requests (tested it myself).
I recommended it to remove the possibility that reverse / fwd name
lookups
were contributing to the problem.

The fact that the rule still fires for this request means that ISA found
a
data set in the rule that matched the request.
Unfortunately, it's VERY difficult to say what specific entry was used
to
make a decision, since the logs don't include that data.
_________________________________________



Well, in my case, for some reason, it didn't work and I know for a fact
that
the sites that are inaccssible and shouldn't are NOT listed in the
destinati
on set.

Could it be the version of w3proxy.exe?  Jim, what version do you have?

Fred

______________________________
Frederic Giroux
LAN Administrator
CyberCap

fgiroux@xxxxxxxxxxxxxx
http://www.cybercap.qc.ca

33 Prince St.
Suite 301
Montreal, Qc
H3C 2M7

(514) 861-7700 ext. 303
Fax : (514) 861-7700

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
shawn.quillman@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads
• » RE: Pop UP Ads

1. Home
2. isalist
3. Archive
4. 08-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---