Re: Anonymous Session

  • From: "Eric Poole" <EPoole@xxxxxxxxxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 10 Sep 2003 11:45:41 -0700

My bad.  You're correct.  What I was meaning to refer to is that the
anonymous connections stop showing up as active sessions, they are still
logged.

Eric Poole
IS Security Analyst
Community Medical Centers <http://communitymedical.org/> 
1140 "T" Street, Fresno, California  93721
559-459-6784 (phone)  559-459-2045 (fax)


                -----Original Message-----
                From: "Jim Harrison" <jim@xxxxxxxxxxxx>@CHCC 
                Sent: Wednesday, September 10, 2003 11:34 AM
                To: [ISAserver.org Discussion List]
                Subject: [isalist] Re: Anonymous Session

                http://www.ISAserver.org


                'snot true.
                ISA still sees and logs anonymous requests.
                That setting just changes the point where ISA asks for
credentials.
                With that setting off, the web proxy doesn't ask until
some rule requires
                knowledge of the user's credentials.
                With that setting on, the web proxy always asks.

                Jim Harrison
                MCP(NT4, W2K), A+, Network+, PCG
                http://www.microsoft.com/isaserver
                http://isaserver.org/Jim_Harrison
                http://isatools.org

                Read the help, books and articles!
                ----- Original Message -----
                From: "Eric Poole" <EPoole@xxxxxxxxxxxxxxxxxxxx>
                To: "[ISAserver.org Discussion List]"
<isalist@xxxxxxxxxxxxx>
                Sent: Wednesday, September 10, 2003 09:21
                Subject: [isalist] Re: Anonymous Session


                http://www.ISAserver.org


                But, if you go to your ISA server properties on the
"Outgoing Web
                Requests" and check "Ask unauthenticated users for
identification", then
                you no longer see the anonymous requests.

                Eric Poole
                IS Security Analyst
                Community Medical Centers <http://communitymedical.org/>
                1140 "T" Street, Fresno, California  93721
                559-459-6784 (phone)  559-459-2045 (fax)


                -----Original Message-----
                From: "Jim Harrison" <jim@xxxxxxxxxxxx>@CHCC
                Sent: Wednesday, September 10, 2003 7:25 AM
                To: [ISAserver.org Discussion List]
                Subject: [isalist] Re: Anonymous Session

                http://www.ISAserver.org


                Not at the ISA server.

                Jim Harrison
                MCP(NT4, W2K), A+, Network+, PCG
                http://www.microsoft.com/isaserver
                http://isaserver.org/Jim_Harrison
                http://isatools.org

                Read the help, books and articles!
                ----- Original Message -----
                From: "Alex S. Pereira" <9047.alexsp@xxxxxxxxxxxxx>
                To: "[ISAserver.org Discussion List]"
                <isalist@xxxxxxxxxxxxx>
                Sent: Wednesday, September 10, 2003 07:09
                Subject: [isalist] Re: Anonymous Session


                http://www.ISAserver.org


                But is not there nothing to prevent this ?

                Alex

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 09-2003