Re: Struggling to DENY access for applications!

• From: "Jim Harrison" <jim@xxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Mon, 4 Nov 2002 09:27:31 -0800

All that setting accomplishes is to deny access to the FW client for that
app.
It does not deny access through the ISA for the app if the client is also a
SecureNAT client.
You'll need to set up blocking filters and rules as dictated in Tom's
article on dangerous messenger clients.

 Jim Harrison
 MCP(NT4, W2K), A+, Network+, PCG
 http://isaserver.org/pages/author_index.asp?aut=3
 http://isatools.org
 Read the help / books / articles!

----- Original Message -----
From: "William Robertson" <robertson.william@xxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Sunday, November 03, 2002 9:03 PM
Subject: [isalist] Struggling to DENY access for applications!


http://www.ISAserver.org


Hi there

I have tried to make modifications to the Firewall Client Config (thru the
MMC), but I cannot seem to get the FW Client to DENY access to certain
applications.

For example, I would like to be able to have the FW Client block
applications such as Windows Messenger, ICQ etc. But when I add an entry
to the FW Client config with the following parameters:
Application: msmsgs
Key: Disable
Value: 1

Nothing happens. The Windows Messenger continues to get through to my ISA
Server, instead of being denied by the FW Client.

Another thing I have tried is to add the following:
Application: Common Configuration
Key: Disable
Value: 1

By doing this I was hoping to DENY access to ALL applications that were
not specifically ALLOWED within the FW Client config, but this also did
not work.

Does anybody have any idea how I can DENY access to all applications on a
workstation that are not explicitly ALLOWEd by the FW Client config?

Cheers
William R.

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » Struggling to DENY access for applications!
• » Re: Struggling to DENY access for applications!
• » Re: Struggling to DENY access for applications!
• » Re: Struggling to DENY access for applications!
• » Re: Struggling to DENY access for applications!
• » Re: Struggling to DENY access for applications!
• » Re: Struggling to DENY access for applications!
• » Re: Struggling to DENY access for applications!
• » Re: Struggling to DENY access for applications!
• » Re: Struggling to DENY access for applications!

1. Home
2. isalist
3. Archive
4. 11-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---