RE: OWA Publishing

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 4 May 2005 09:47:16 -0500

Hi David,
What I'm thinking of is a more conventional AV for OWA connections
bridged by the ISA firewall. So, during the period that the information
is unencrypted at the ISA firewall, it could be exposed to to the AV
scanner. Now, the application would have to understand how OWA
encapsulates the messages and attachments, and then return it to ISA to
re-encrypt and forward to the the OWA server on the corporate network. 

From a programming perspective, would such an exercise significantly
deviate from what you do with more conventional AV scanners for Web
downloads? Would it even be possble? 

Thanks!

Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls


-----Original Message-----
From: David Farinic [mailto:davidf@xxxxxxx] 
Sent: Wednesday, May 04, 2005 9:40 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OWA Publishing

http://www.ISAserver.org

Programming complexity of whom? Hacker's or protecting application
developer? :)
If 1 goes deeper other 1 has to go deeper as well... 

Only way how to stop this loop is to define protocols/document types you
understand and allow in your network.

Example1:
We allow PDF as our AV scanner on gateway recognize them.
However if PDF download contains attachments (rar arj gz zip tar) which
our AV doesn't recognize therefore they are not scanned  our GATEWAY
application should stop them. 
Example 2: 
Zip files with passwords passing via your Exchange Server to mail boxes
of your users ... would you allow them? 

Regards DavidF

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Wednesday, May 04, 2005 4:31 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OWA Publishing

http://www.ISAserver.org

Hi David,
Thanks! So it's a matter of programming complexity rather than of
programming impossibility? 


Tom
www.isaserver.org/shinder
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls


-----Original Message-----
From: David Farinic [mailto:davidf@xxxxxxx] 
Sent: Wednesday, May 04, 2005 9:19 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OWA Publishing

http://www.ISAserver.org

Every AV scanning on ISA server scans just some things. 
In another words traffic or data objects which are recognized by AV.
Show me any AV for ISA and I will show you how to bypass it with any
virus.
Of course they, ISA AV products, usually don't tell you what is not
scanned to keep you happy.

In case of OWA  I would rely more on scanning on native email format
scanning on Mail server then scanning it on not native transport
protocol for these objects.

In Another words more not standard encapsulation == more probability AV
will not check some levels of message encapsulation.

Regards DavidF



-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] 
Sent: Wednesday, May 04, 2005 3:57 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OWA Publishing

http://www.ISAserver.org

Hi Jim,

But can't the AV access it during the bridging? The HTTP Security Filter
has access at the point.

Thanks! 



  
This mail was checked for viruses by GFI MailSecurity. 
GFI also develops anti-spam software (GFI MailEssentials), a fax server
(GFI FAXmaker), and network security and management software (GFI
LANguard) - www.gfi.com 


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » OWA Publishing
• » Re: OWA Publishing
• » Re: OWA Publishing
• » Re: OWA Publishing
• » Re: OWA Publishing
• » Re: OWA Publishing
• » Re: OWA Publishing
• » Re: OWA Publishing
• » Re: OWA Publishing
• » Re: OWA Publishing
• » OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing
• » RE: OWA Publishing

1. Home
2. isalist
3. Archive
4. 05-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---