RE: Rules - Why does this not work
- From: Karnail Singh <singh_karnail@xxxxxxxxx>
- To: "\[ISAserver.org Discussion List\]" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 29 Jan 2003 09:46:55 -0800 (PST)
Dr. Tom
I am trying to setup the Web Publishing of 4 internal
sites. I am not able to do despite the following
setup.
1. No IIS is running on ISA system.
2. External name (Can be resolved over internet) is
registered as home.companyname.com resolving to
external address of ISA server.
3. Internal site are working as
a)http://server/sitename b) http://server1:8075 c)
http://server2:5555 d) http://server from internal
network. (i.e internal DNS is working)
I want users to type in
http://home.companyname.com/abc to go to site a) in
above step, http://home.companyname.com/xyz to to to
site b) in above step and so forth.
I did followed the procedure available in book "ISA
server 2000" and tried following the procedure from
ISASERVER.ORG but I am not able to make it work.
Please Help!!!
Thanks
Karnail Singh
--- Thomas W Shinder <tshinder@xxxxxxxxxxxxxxxxxx>
wrote:
> http://www.ISAserver.org
>
>
> Hi Raji,
>
> You don't need a rule to prevent code red. Note the
> request was for
> http:/www Since you don't have a destination set in
> a publishing rule
> that contains www, the rule protects you. Make sure
> you read my articles
> on Securing ISA Server over at
> www.isaserver.org/shinder because there
> are some registry entries you should make to prevent
> the unqualified www
> request to become qualified and maybe cause you
> problems.
>
> HTH,
> Tom
> www.isaserver.org/shinder
>
>
> -----Original Message-----
> From: Raji Arulambalam [mailto:rajia@xxxxxxxxxxxxxx]
>
> Sent: Tuesday, January 21, 2003 6:37 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Rules - Why does this not
> work
>
>
> http://www.ISAserver.org
>
>
> Hi Tom
> Thanks for the reply.
> The book contains info on publishing TSAC, which I
> am going thru and
> trying
> to get it working.
>
> But getting back to my original question -
> why didn't the Code Red rule kick in??
> and what kind of authorisation is ISA expecting.?
>
> 211.160.21.17 anonymous - N 2003-01-21 05:59:33
> W3ReverseProxy CELERIS - www - - - 72
> -
> - TCP GET http://www/scripts/root.exe?/c+dir -
> -
> 12209 0x0 Default rule -
>
> Cheers
> ---------------------------------------------
> Raji Arulambalam
> Systems Administrator
> Environment Bay of Plenty
> P O Box 364 Whakatane.
> NEW ZEALAND
> --------------------------------------------
> Nothing in life is to be feared. It is only to be
> understood. - Marie
> Curie
>
>
>
> -----Original Message-----
> From: Thomas W Shinder
> [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
> Sent: Wednesday, January 22, 2003 12:55 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Rules - Why does this not
> work
>
>
> http://www.ISAserver.org
>
>
> Hi Raji,
>
> Thanks for getting the book! :-)
>
> I can never remember all those error codes either.
> Just open the help
> file and do a search for the number and you'll be
> able to find it pretty
> fast. There's just a few firewall service codes that
> don't appear in the
> help file. If you can't find them, post to the list
> and someone here
> will be able to find what they mean.
>
> I'm don't recall if I put anything about TSAC in the
> second book. If
> not, check over at www.isaserver.org/shinder and
> search the page for
> TSAC and you'll find something helpful.
>
> HTH,
> Tom
> www.isaserver.org/shinder
>
>
>
>
>
> -----Original Message-----
> From: Raji Arulambalam [mailto:rajia@xxxxxxxxxxxxxx]
>
> Sent: Tuesday, January 21, 2003 12:21 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Rules - Why does this not work
>
>
> http://www.ISAserver.org
>
>
> Hi
>
> Why does not this set of configuration stop these
> trojans instead of
> the
> default rule.
>
> Site and Content Rule Name : Stop Code Red
>
> Description : Stop the Code Red
> Enabled : True
> Rule Applies to : Selected Destination Set
> Destination Set Used : Stop Code Red
> Access to the specified destinations : Denied
> Rule Applies to : Any Request
> Rule Applies to : All Content Types
>
> Web Publishing Rule Name : Code Red
>
> Enabled : True
> Rule Applies to : Selected Destination Set
> Destination Set Used : Stop Code Red
> Action : Discard the request
> Redirect HTTP requests as : HTTP Requests
> Redirect SSL requests as : SSL Requests
> Require SSL for Published Site : False
> Rule Applies to : Any Request
>
> Destination Set Name : Stop Code Red
>
> DomainName: www
> Path: /*
>
>
>
******************************************************
> This e-mail has been checked for viruses and no
> viruses were detected.
>
>
------------------------------------------------------
> List Archives:
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
>
------------------------------------------------------
> Exchange Server Resource Site:
> http://www.msexchange.org/
> Windows Security Resource Site:
> http://www.windowsecurity.com/
> Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
>
------------------------------------------------------
> You are currently subscribed to this ISAserver.org
> Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe send a blank email to
> $subst('Email.Unsub')
>
>
------------------------------------------------------
> List Archives:
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=FAQ
>
------------------------------------------------------
> Exchange Server Resource Site:
> http://www.msexchange.org/
> Windows Security Resource Site:
> http://www.windowsecurity.com/
> Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
>
------------------------------------------------------
> You are currently subscribed to this ISAserver.org
> Discussion List as: singh_karnail@xxxxxxxxx
> To unsubscribe send a blank email to
$subst('Email.Unsub')
__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
Other related posts:
