http://www.ISAserver.org ------------------------------------------------------- What, "Broke Back?" That's prob your style ;) t On 3/30/06 6:37 PM, "Steve Moffat" <steve@xxxxxxxxxx> spoketh to all: > http://www.ISAserver.org > ------------------------------------------------------- > > 2 words come to mind and they ain't mountain man.....:)~ > > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] > On Behalf Of Thor (Hammer of God) > Sent: Thursday, March 30, 2006 10:08 PM > To: ISA Mailing List > Subject: [isalist] Re: Interesting question... > > http://www.ISAserver.org > ------------------------------------------------------- > > Is that ignorance you are showing? That's funny... It looked like your > ass to me ;)))))))) > > > t > > > On 3/30/06 5:52 PM, "Steve Moffat" <steve@xxxxxxxxxx> spoketh to all: > >> http://www.ISAserver.org >> ------------------------------------------------------- >> >> Showing my ignorance again...:(..I always thought NAT supplied the >> external IP to hide your internals...oh well, one learns something new > >> every day about tcp stuff..... >> >> S >> -----Original Message----- >> From: isalist-bounce@xxxxxxxxxxxxx >> [mailto:isalist-bounce@xxxxxxxxxxxxx] >> On Behalf Of Jim Harrison >> Sent: Thursday, March 30, 2006 9:51 PM >> To: ISA Mailing List >> Subject: [isalist] Re: Interesting question... >> >> http://www.ISAserver.org >> ------------------------------------------------------- >> >> Nope - it's not. >> NAT doesn't break the TCP connection; proxy does. >> >> This is CERN proxy behavior; the upstream server is blissfully >> ignorant of the "real" client IP. >> It *may * have access to such niceties as user-agent, but those are >> not guaranteed. >> >> ------------------------------------------------------- >> Jim Harrison >> MCP(NT4, W2K), A+, Network+, PCG >> http://isaserver.org/Jim_Harrison/ >> http://isatools.org >> Read the help / books / articles! >> ------------------------------------------------------- >> >> >> -----Original Message----- >> From: isalist-bounce@xxxxxxxxxxxxx >> [mailto:isalist-bounce@xxxxxxxxxxxxx] >> On Behalf Of Steve Moffat >> Sent: Thursday, March 30, 2006 17:31 >> To: ISA Mailing List >> Subject: [isalist] Re: Interesting question... >> >> You are correct, It's doing NAT. >> >> >> >> S >> >> >> >> ________________________________ >> >> From: isalist-bounce@xxxxxxxxxxxxx >> [mailto:isalist-bounce@xxxxxxxxxxxxx] >> On Behalf Of Ball, Dan >> Sent: Thursday, March 30, 2006 8:26 PM >> To: ISA Mailing List >> Subject: [isalist] Interesting question... >> >> >> >> I was trying to assist someone with logging traffic, and this is the >> explanation I got... >> >> >> >> ----------Quote---------- >> >> Our network consists of a single Internet filter on the outisde >> >> (Screendoor) with several ISA 2000 and 2004 servers behind it. The >> client computer makes a request to a web site that will be blocked by >> screen door, it passes out the ISA server to Screendoor, Screendoor >> blocks it and the client ends up with a page could not be displayed >> message. Of course Screendoor in that example doesn't know what >> private ip address that request came from only the ISA server does, in > >> my case the ISA 2004 server is configured in firewall/cache mode. >> Because of the problem we had been having with screendoor allowing the > >> bad site to load if the user refreshed enough times we told screendoor > >> to redirect the user to another site instead of just blocking them. >> The redirected site will be on our local web server. What I was >> asking is if we could embed a script of some sort on that local web >> site that would collect their private ip address as well as the local >> nds/ad username and store it in a log file. I'm trying to avoid >> requiring the users to login to the Internet separately from logging >> into the network and because the Internet filter is outside the >> firewall integrating it with nds/ad isn't really an option either. >> We're ultimately moving to a Dansguardian solution anyway and possibly > >> several of them (inside each firewall and one possibly outside the >> firwall where Screendoor currently sits) so it will become a mute > point eventually anyway. >> >> ----------End Quote---------- >> >> >> >> Am I correct to assume that all traffic coming out of the ISA server >> would be stripped of all identifying information, and the server it >> was redirected to would only show the IP of the screendoor/ISA server? >> >> >> >> >> >> >> All mail to and from this domain is GFI-scanned. >> >> ------------------------------------------------------ >> List Archives: //www.freelists.org/archives/isalist/ >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >> ISA Server Articles and Tutorials: >> http://www.isaserver.org/articles_tutorials/ >> ISA Server Blogs: http://blogs.isaserver.org/ >> ------------------------------------------------------ >> Visit TechGenix.com for more information about our other sites: >> http://www.techgenix.com >> ------------------------------------------------------ >> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp >> Report abuse to listadmin@xxxxxxxxxxxxx >> >> ------------------------------------------------------ >> List Archives: //www.freelists.org/archives/isalist/ >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >> ISA Server Articles and Tutorials: >> http://www.isaserver.org/articles_tutorials/ >> ISA Server Blogs: http://blogs.isaserver.org/ >> ------------------------------------------------------ >> Visit TechGenix.com for more information about our other sites: >> http://www.techgenix.com >> ------------------------------------------------------ >> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp >> Report abuse to listadmin@xxxxxxxxxxxxx >> >> >> > > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > > ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx