Re: Destination Sets
- From: "Jim Harrison" <jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 11 Mar 2003 21:13:29 -0800
Actually, I prefer this mechanism.
It's clearer (*.sex.com <> sex.com), IMHO.
You may have misunderstood the suggestion.
You should enter "sex.com" and "*.sex.com", not "*sex.com."
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://www.microsoft.com/isaserver
http://isaserver.org/Jim_Harrison
http://isatools.org
Read the help, books and articles!
----- Original Message -----
From: "Bill Russell - VP/IT Dept." <BRussell@xxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, March 11, 2003 12:52
Subject: [isalist] Destination Sets
http://www.ISAserver.org
I have been grappling with this problem for three months now. In
Miicrosoft's Proxyserver, you could blcok a domain by entering a single
entry "*.sex.com" and it would block "sex.com", "www.sex.com",
"mail.sex.com" but not "essex.com".
In ISA server, you have to make two entries to obtain the same result,
"sex.com" and "*.sex.com". If you enter "*.sex.com" only, it will block
"www.sex.com" but not "sex.com". It has been suggested that I enter
"*sex.com", but this blocks "essex.com" as well, which is not the result
I am looking for.
Am I missing something or has Microsoft has taken a step backwards in
the use of wildcards in the destination sets?
Bill Russell
Vice President, Information Technology
Balboa Travel
(858) 678-3350
-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Tuesday, March 11, 2003 8:56 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: isa ad blocking
http://www.ISAserver.org
You can also use a tool which was designed specifically for log parsing:
http://download.microsoft.com/download/iis50/Utility/2.0/NT5XP/EN-US/set
up.e
xe
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver
http://isaserver.org/Jim_Harrison
http://isatools.org
Read the help, books and articles!
----- Original Message -----
From: "Quillman Shawn (RBNA/CIT1.1) *" <Shawn.Quillman@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, March 11, 2003 05:54
Subject: [isalist] RE: isa ad blocking
http://www.ISAserver.org
This message is in MIME format. Since your mail reader does not
understand this format, some or all of this message may not be legible.
------------------------------------------------------------------------
----
----
You could parse the logs for the name of the rule that denies the
destination set and then parse that for 407 and 12209 (proxy
authentication required codes). Setup a job to do it if you wish to
automate it. That of course assumes that you're logging those fields.
Go get the GNU Posix tools for NT, grep is a wonderful thing.
-Shawn
-----
Shawn R. Quillman
Robert Bosch Corporation RBNA/CIT1.1
38000 Hills Tech Drive
Farmington Hills, MI 48331
(248) 553-1164 (P) (248) 848-2855 (F)
shawn.quillman@xxxxxxxxxxxx
-----Original Message-----
From: Greg Mulholland [mailto:greg_mul@xxxxxxxxxxxxxxx]
Sent: Tuesday, March 11, 2003 5:53 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] isa ad blocking
http://www.ISAserver.org
Steve may be best to answer this, but others feel free. Is there anyway
of tracking what websites are being blocked by the destination sets
created by the isa_ads file.
Thanks
Greg Mulholland
Technical Services Manager
Harvey Norman - Knox
Melbourne, Australia
greg_mul@xxxxxxxxxxxxxxx <mailto:Greg_mul@xxxxxxxxxxxxxxx>
+613 9881-3730
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows
Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT
Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
shawn.quillman@xxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------------------------
----
----
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows
Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT
Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows
Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT
Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
brussell@xxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
