RE: Blocking a Specific URL

  • From: "Ball, Dan" <DBall@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 10 Jan 2006 22:55:45 -0500

Strange reaction, something is not right.  When I put that policy in
place, access to the main web server are also blocked...

Here is the firewall log for one connection, the source and destination
network are the same for some reason...

Original Client IP      Client Agent    Authenticated Client    Service
Server Name     Referring Server        Destination Host Name
Transport       MIME Type       Object Source   Source Proxy
Destination Proxy       Bidirectional   Client Host Name        Filter
Information     Network Interface       Raw IP Header   Raw Payload
Source Port     Processing Time Bytes Sent      Bytes Received  Result
Code    HTTP Status Code        Cache Information       Error
Information     Log Record Type Log Time        Destination IP
Destination Port        Protocol        URL     Action  Rule    Client
IP      Client Username Source Network  Destination Network     HTTP
Method
24.177.165.170                          GATEWAY -               TCP
-                                               -
4050    0       0       0       0x0             0x0     0x0     Firewall
1/10/2006 10:50:05 PM   207.75.63.2     80      HTTP    -
Initiated Connection    Local Only Page Block   24.177.165.170
External - Charter & Merit Networks     External - Charter & Merit
Networks        -


-----Original Message-----
From: Ball, Dan [mailto:DBall@xxxxxxxxxxx] 
Sent: Tuesday, January 10, 2006 10:43 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Blocking a Specific URL

http://www.ISAserver.org

Still trying to get that working, it's not acting the way I expect.

The actual URL is more like:
http://www.domain.org/scripts/program.exe/Service=ProgramB/seplog01.w
I blocked that URL and this variant of it:
http://www.domain.org/scripts/program.exe/Service=ProgramB*



-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Sent: Tuesday, January 10, 2006 2:26 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Blocking a Specific URL

http://www.ISAserver.org

That's a very logical approach and yes, it will work. 
Is there something else as part of "B" that may be more useful?

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: Ball, Dan [mailto:DBall@xxxxxxxxxxx] 
Sent: Tuesday, January 10, 2006 10:46
To: [ISAserver.org Discussion List]
Subject: [isalist] Blocking a Specific URL

http://www.ISAserver.org


I'm trying to figure out how to block a specific URL on our Webserver.

 

Specifically, our student database uses parameters to access different
programs instead of different URLs.  

 

For example:

http://www.domain.org/database.exe/parameter=A
<http://www.domain.org/database.exe/parameter=A>   opens one program,
while

http://www.domain.org/database.exe/parameter=B  opens an entirely
different program.

 

I want to leave program A accessible from the Internet, but block
program B.

 

So, I created a firewall access policy on the ISA server denying access
from External networks to a URL set containing
http://www.domain.org/database.exe/parameter=B.  

 

Is this the best way to do it?

 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
dball@xxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
dball@xxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 01-2006