Re: Authentication on outgoing web requests on ISA
- From: "Jim Harrison" <jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Sat, 17 Apr 2004 07:24:00 -0700
Quit using hotbar.
It and Gator (that comes with it) are some of the worst spyware apps on the
Internet.
The only successful connection (sc-result = 200) wasn't anonymous:
172.20.45.79, RIYADH\jtena, Mozilla/4.0 (compatible; MSIE 5.01; Windows NT
5.0; Hotbar 4.4.2.0), Y, 4/16/2004, 0:14:38, w3proxy, IT-ISA01, -,
212.93.193.87, 212.93.193.87, 8080, 500, 488, 495, http, -, GET,
http://spweather.whenu.com/summary/SA/XX/0017.html
<http://spweather.whenu.com/summary/SA/XX/0017.html> , -, Upstream, 200, -,
Your username "RIYADH\jtena" is clearly listed in the log.
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://www.microsoft.com/isaserver
http://isaserver.org/Jim_Harrison
http://isatools.org
Read the help, books and articles!
----- Original Message -----
From: <mathif@xxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Saturday, April 17, 2004 02:58
Subject: [isalist] Authentication on outgoing web requests on ISA
http://www.ISAserver.org
Hi Folks,
I have a question regarding Authentication in ISA. I have defined
Authentication on outgoing web requests on ISA. Even then, I can see
Anonymous in the logs. What is the exact reason for this behavior and how
can I avoid this??
172.20.70.176, anonymous, Gator/4.1 Precision Time
{57FDF598-7C93-400F-B877-1FDE9DB7793A}, N, 4/16/2004, 0:00:20, w3proxy,
IT-ISA01, -, gatorcme.gator.com, -, 80, 0, 424, 4168, http, -, GET,
http://gatorcme.gator.com/gatorcme/autoupdate/installprecisiontime.exe
<http://gatorcme.gator.com/gatorcme/autoupdate/installprecisiontime.exe> ,
-, -, 407, -, -, -
172.20.70.176, anonymous, Gator/4.1 Date Manager
{57FDF598-7C93-400F-B877-1FDE9DB7793A}, N, 4/16/2004, 0:00:20, w3proxy,
IT-ISA01, -, gatorcme.gator.com, -, 80, 0, 420, 4168, http, -, GET,
http://gatorcme.gator.com/gatorcme/autoupdate/installdatemanager.exe
<http://gatorcme.gator.com/gatorcme/autoupdate/installdatemanager.exe> , -,
-, 407, -, -, -
172.20.70.176, anonymous, Gator/4.1 Precision Time
{57FDF598-7C93-400F-B877-1FDE9DB7793A}, N, 4/16/2004, 0:00:20, w3proxy,
IT-ISA01, -, gatorcme.gator.com, -, 80, 0, 0, 936, http, -, GET,
http://gatorcme.gator.com/gatorcme/autoupdate/installprecisiontime.exe
<http://gatorcme.gator.com/gatorcme/autoupdate/installprecisiontime.exe> ,
-, -, 407, -, -, -
172.20.70.176, anonymous, Gator/4.1 Date Manager
{57FDF598-7C93-400F-B877-1FDE9DB7793A}, N, 4/16/2004, 0:00:20, w3proxy,
IT-ISA01, -, gatorcme.gator.com, -, 80, 0, 0, 932, http, -, GET,
http://gatorcme.gator.com/gatorcme/autoupdate/installdatemanager.exe
<http://gatorcme.gator.com/gatorcme/autoupdate/installdatemanager.exe> , -,
-, 407, -, -, -
172.20.70.176, RIYADH\salmaliek, Gator/4.1 Precision Time
{57FDF598-7C93-400F-B877-1FDE9DB7793A}, Y, 4/16/2004, 0:00:20, w3proxy,
IT-ISA01, -, -, -, 0, 0, 676, 0, -, -, GET,
http://gatorcme.gator.com/gatorcme/autoupdate/installprecisiontime.exe
<http://gatorcme.gator.com/gatorcme/autoupdate/installprecisiontime.exe> ,
-, -, 12209, -, -, -
172.20.70.176, RIYADH\salmaliek, Gator/4.1 Date Manager
{57FDF598-7C93-400F-B877-1FDE9DB7793A}, Y, 4/16/2004, 0:00:20, w3proxy,
IT-ISA01, -, -, -, 0, 0, 672, 0, -, -, GET,
http://gatorcme.gator.com/gatorcme/autoupdate/installdatemanager.exe
<http://gatorcme.gator.com/gatorcme/autoupdate/installdatemanager.exe> , -,
-, 12209, -, -, -
172.20.70.176, anonymous, Gator/4.1 Precision Time
{57FDF598-7C93-400F-B877-1FDE9DB7793A}, N, 4/16/2004, 0:00:20, w3proxy,
IT-ISA01, -, gatorcme.gator.com, -, 80, 0, 467, 4168, http, -, GET,
http://gatorcme.gator.com/gatorcme/autoupdate/precisiontime.ini
<http://gatorcme.gator.com/gatorcme/autoupdate/precisiontime.ini> , -, -,
407, -, -, -
172.20.70.176, anonymous, Gator/4.1 Precision Time
{57FDF598-7C93-400F-B877-1FDE9DB7793A}, N, 4/16/2004, 0:00:20, w3proxy,
IT-ISA01, -, gatorcme.gator.com, -, 80, 0, 0, 979, http, -, GET,
http://gatorcme.gator.com/gatorcme/autoupdate/precisiontime.ini
<http://gatorcme.gator.com/gatorcme/autoupdate/precisiontime.ini> , -, -,
407, -, -, -
172.20.70.176, RIYADH\salmaliek, Gator/4.1 Precision Time
{57FDF598-7C93-400F-B877-1FDE9DB7793A}, Y, 4/16/2004, 0:00:20, w3proxy,
IT-ISA01, -, -, -, 0, 0, 719, 0, -, -, GET,
http://gatorcme.gator.com/gatorcme/autoupdate/precisiontime.ini
<http://gatorcme.gator.com/gatorcme/autoupdate/precisiontime.ini> , -, -,
12209, -, -, -
----------------------------------------------------------------------------
----------------------------------------------------------------------------
----------------------------------------------------------------------------
------------------
172.20.45.79, anonymous, Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0;
Hotbar 4.4.2.0), N, 4/16/2004, 0:14:37, w3proxy, IT-ISA01, -,
spweather.whenu.com, -, 80, 0, 268, 4114, http, -, GET,
http://spweather.whenu.com/summary/SA/XX/0017.html
<http://spweather.whenu.com/summary/SA/XX/0017.html> , -, -, 407, -, -, -
172.20.45.79, anonymous, Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0;
Hotbar 4.4.2.0), N, 4/16/2004, 0:14:37, w3proxy, IT-ISA01, -,
spweather.whenu.com, -, 80, 0, 0, 718, http, -, GET,
http://spweather.whenu.com/summary/SA/XX/0017.html
<http://spweather.whenu.com/summary/SA/XX/0017.html> , -, -, 407, -, -, -
172.20.45.79, RIYADH\jtena, Mozilla/4.0 (compatible; MSIE 5.01; Windows NT
5.0; Hotbar 4.4.2.0), Y, 4/16/2004, 0:14:38, w3proxy, IT-ISA01, -,
212.93.193.87, 212.93.193.87, 8080, 500, 488, 495, http, -, GET,
http://spweather.whenu.com/summary/SA/XX/0017.html
<http://spweather.whenu.com/summary/SA/XX/0017.html> , -, Upstream, 200, -,
-, -
>From the logs, I can see initially it will be anonymous, at the end of line
it says 407 which means authentication required which is defined on Outgoing
Web Requests,then why does it shows ANONYMOUS. How do I avoid this??!!
TIA,
Athif
-----------------------------------------------------
This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom/which they are
addressed. If you have received this email in error please notify the system
manager at the following email address: sadmin@xxxxxxxxxxxxxxx
<mailto:sadmin@xxxxxxxxxxxxxxx>. Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Al Faisaliah Group. Internet communications
cannot be guaranteed to be secure or error-free as information could be
intercepted, corrupted, lost, arrive late or contain viruses. The sender
therefore does not accept liability for any errors or omissions in the
context of this message, which arise as a result of Internet transmission.
Finally, the recipient should check this email and any attachments for the
presence of viruses. Al Faisaliah Group accepts no liability for any damage
caused by any virus transmitted by this email.
-----------------------------------------------------
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
