[isalist] Re: Interesting question...
- From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
- To: "isalist@xxxxxxxxxxxxx" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 30 Mar 2006 18:07:57 -0800
http://www.ISAserver.org
-------------------------------------------------------
Is that ignorance you are showing? That's funny... It looked like your ass
to me ;))))))))
t
On 3/30/06 5:52 PM, "Steve Moffat" <steve@xxxxxxxxxx> spoketh to all:
> http://www.ISAserver.org
> -------------------------------------------------------
>
> Showing my ignorance again...:(..I always thought NAT supplied the
> external IP to hide your internals...oh well, one learns something new
> every day about tcp stuff.....
>
> S
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Jim Harrison
> Sent: Thursday, March 30, 2006 9:51 PM
> To: ISA Mailing List
> Subject: [isalist] Re: Interesting question...
>
> http://www.ISAserver.org
> -------------------------------------------------------
>
> Nope - it's not.
> NAT doesn't break the TCP connection; proxy does.
>
> This is CERN proxy behavior; the upstream server is blissfully ignorant
> of the "real" client IP.
> It *may * have access to such niceties as user-agent, but those are not
> guaranteed.
>
> -------------------------------------------------------
> Jim Harrison
> MCP(NT4, W2K), A+, Network+, PCG
> http://isaserver.org/Jim_Harrison/
> http://isatools.org
> Read the help / books / articles!
> -------------------------------------------------------
>
>
> -----Original Message-----
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Steve Moffat
> Sent: Thursday, March 30, 2006 17:31
> To: ISA Mailing List
> Subject: [isalist] Re: Interesting question...
>
> You are correct, It's doing NAT.
>
>
>
> S
>
>
>
> ________________________________
>
> From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx]
> On Behalf Of Ball, Dan
> Sent: Thursday, March 30, 2006 8:26 PM
> To: ISA Mailing List
> Subject: [isalist] Interesting question...
>
>
>
> I was trying to assist someone with logging traffic, and this is the
> explanation I got...
>
>
>
> ----------Quote----------
>
> Our network consists of a single Internet filter on the outisde
>
> (Screendoor) with several ISA 2000 and 2004 servers behind it. The
> client computer makes a request to a web site that will be blocked by
> screen door, it passes out the ISA server to Screendoor, Screendoor
> blocks it and the client ends up with a page could not be displayed
> message. Of course Screendoor in that example doesn't know what private
> ip address that request came from only the ISA server does, in my case
> the ISA 2004 server is configured in firewall/cache mode. Because of
> the problem we had been having with screendoor allowing the bad site to
> load if the user refreshed enough times we told screendoor to redirect
> the user to another site instead of just blocking them. The redirected
> site will be on our local web server. What I was asking is if we could
> embed a script of some sort on that local web site that would collect
> their private ip address as well as the local nds/ad username and store
> it in a log file. I'm trying to avoid requiring the users to login to
> the Internet separately from logging into the network and because the
> Internet filter is outside the firewall integrating it with nds/ad isn't
> really an option either. We're ultimately moving to a Dansguardian
> solution anyway and possibly several of them (inside each firewall and
> one possibly outside the firwall where Screendoor currently sits) so it
> will become a mute point eventually anyway.
>
> ----------End Quote----------
>
>
>
> Am I correct to assume that all traffic coming out of the ISA server
> would be stripped of all identifying information, and the server it was
> redirected to would only show the IP of the screendoor/ISA server?
>
>
>
>
>
>
> All mail to and from this domain is GFI-scanned.
>
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: //www.freelists.org/archives/isalist/
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server Articles and Tutorials:
> http://www.isaserver.org/articles_tutorials/
> ISA Server Blogs: http://blogs.isaserver.org/
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
> Report abuse to listadmin@xxxxxxxxxxxxx
>
>
>
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
