RE: Cannot block Chikka (winsock) .....

  • From: "Greg Mulholland" <greg@xxxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 1 Feb 2006 20:42:55 +1100

From the Config node in the ISA management console. Go to firewall client 
settings and then choose application settings iirc

 
Greg Mulholland

________________________________

From: Corciega, Michael P. [mailto:MPCorciega@xxxxxxxxxxxxxx]
Sent: Wed 1/02/2006 8:04 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Cannot block Chikka (winsock) .....


http://www.ISAserver.org


Yes, I install Firewall Client only for users who require Winsock apps, but for 
plain HTTP/HTTPS only, ISA authenticates them via domain accounts. Where should 
I block the client exe? From the policy rule? 

 

Maraming Salamat Po!

MICHAEL PENALES CORCIEGA

Systems Administrator

IT Infrastructure - ICT Department

GMA Network, Incorporated

"Network isn't about computers connected, it's about people working together."

________________________________

From: Greg Mulholland [mailto:greg@xxxxxxxxxxxxxx] 
Sent: Wednesday, February 01, 2006 4:35 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Cannot block Chikka (winsock) .....

 

http://www.ISAserver.org

Are your users using the firewall client by chance. If so you can use that to 
block access to the client exe.

 

Greg Mulholland

 

________________________________

From: Corciega, Michael P. [mailto:MPCorciega@xxxxxxxxxxxxxx]
Sent: Wed 1/02/2006 6:18 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Cannot block Chikka (winsock) .....

http://www.ISAserver.org

Hi!

 

I'm having trouble here blocking a winsock apps "Chikka" (a PC base PC-Mobile 
SMS service). Below is the infos I retrieved using ethereal while connecting to 
chikka. I did everything to block it from HTTP policy rule, Methods, Headers, 
Signatures..... It can be blocked if I configure chikka to use proxy, or it's 
default port 6301, but if I change it to 443....wham!! it can still connect. I 
also created a rule to block register.chikka.com, yes it can be blocked using a 
browser but not on chikka client. Any other policies I need to reconsider.... ??

 

 

POST http://register.chikka.com/tracker.php HTTP/1.0

Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*

Content-Type: application/x-www-form-urlencoded

User-Agent: Microsoft URL Control - 6.00.8862

Host: register.chikka.com

Content-Length: 33

Pragma: no-cache

 

 

Maraming Salamat Po!

MICHAEL PENALES CORCIEGA

Systems Administrator

IT Infrastructure - ICT Department

GMA Network, Incorporated

"Network isn't about computers connected, it's about people working together."

 

DISCLAIMER:
This Message may contain confidential information intended only for the use of 
the addressee named above. If you are not the intended recipient of this 
message you are hereby notified that any use, dissemination, distribution or 
reproduction of this message is prohibited. If you received this message in 
error please notify your Mail Administrator and delete this message 
immediately. Any views expressed in this message are those of the individual 
sender and may not necessarily reflect the views of GMA Network, Inc. 
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
greg@xxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
mpcorciega@xxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

DISCLAIMER:
This Message may contain confidential information intended only for the use of 
the addressee named above. If you are not the intended recipient of this 
message you are hereby notified that any use, dissemination, distribution or 
reproduction of this message is prohibited. If you received this message in 
error please notify your Mail Administrator and delete this message 
immediately. Any views expressed in this message are those of the individual 
sender and may not necessarily reflect the views of GMA Network, Inc. 
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
greg@xxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

Other related posts: