Re: Unable to block Websites
- From: "Jim Harrison" <jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 12 Apr 2004 11:45:07 -0700
The ISA reports are VERY basic.
ISA logs, on the other hand are VERY detailed.
When ISA receives traffic from a client , it logs how much data was transferred
between them. This includes any auth
request/response, or request/refusal traffic. just because traffic was logged
for a request, doesn't mean it actually made it
across ISA.
As I said, if you want to know whether or not a particular request was allowed
or refused, read the logs, not the reports.
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://www.microsoft.com/isaserver
http://isaserver.org/Jim_Harrison
http://isatools.org
Read the help, books and articles!
----- Original Message -----
From: <mathif@xxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Monday, April 12, 2004 06:38
Subject: [isalist] Re: Unable to block Websites
http://www.ISAserver.org
Hi Jim,
I agree with you. But, how can you justify with the bandwidth in colum from
ISA REPORT. It shows a lot of bandwidth coming in from reports.hotbar.com.
Yes, I didn't use "http://"; for the destination set.
What do you say?
Thanks,
Athif
-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Sunday, 11 April 2004 4:50 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Unable to block Websites
http://www.ISAserver.org
It shows in the reports because you made the request of ISA. Read the LOGS,
not the REPORTS.
Take a read in the ISA help; the log fields are explained there. If you want
to block a certain site, then include that site (wihtout the "http://"; part)
in a destination set and use that destination set in a "deny" site and
content rule.
It's all in the help.
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
On Sun, 11 Apr 2004 10:38:16 +0300
mathif@xxxxxxxxxxxxxxx wrote:
http://www.ISAserver.org
Hi Jim,
Can you tell me what is sc-result code?
Like, when I try to browse www.hotbar.com I cant then why is it showing in
ISA REPORTS. I want to get rid of this becoz the internet is going down.
What shuld I do?? Please help me
Regards,
Athif
-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Saturday, 10 April 2004 6:40 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Unable to block Websites
http://www.ISAserver.org
ISA Reports are not good validation tools, as they report on ALL traffic,
blocked or allowed. Use your logs to see what the sc-result code was.
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver
http://isaserver.org/Jim_Harrison
http://isatools.org
Read the help, books and articles!
----- Original Message -----
From: <mathif@xxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Saturday, April 10, 2004 05:50
Subject: [isalist] Unable to block Websites
http://www.ISAserver.org
Dear Experts,
Actually, I am trying to block report.hotbar.com and gatorcme.gator.com as
its using lot of my bandwidth which I can see in ISA Reports. To block this,
I have created a Destination Set seperately for both this sites and applied
Site&Content Rule. But, still I can see that in the ISA REPORTS. I create
the reports on daily basis.
Is there something I am missing or is there any other way I shuld do it??
Your thoughts please.
Regards,
Athif
-----------------------------------------------------
This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom/which they are
addressed. If you have received this email in error please notify the system
manager at the following email address: sadmin@xxxxxxxxxxxxxxx
<mailto:sadmin@xxxxxxxxxxxxxxx>. Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Al Faisaliah Group. Internet communications
cannot be guaranteed to be secure or error-free as information could be
intercepted, corrupted, lost, arrive late or contain viruses. The sender
therefore does not accept liability for any errors or omissions in the
context of this message, which arise as a result of Internet transmission.
Finally, the recipient should check this email and any attachments for the
presence of viruses. Al Faisaliah Group accepts no liability for any damage
caused by any virus transmitted by this email.
-----------------------------------------------------
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server Resource Site: http://www.msexchange.org Windows Security Resource
Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange
Server Resource Site: http://www.msexchange.org Windows Security Resource
Site: http://www.windowsecurity.com/ Network Security Library:
http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
mathif@xxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')
-----------------------------------------------------
This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom/which they are
addressed. If you have received this email in error please notify the system
manager at the following email address: sadmin@xxxxxxxxxxxxxxx
<mailto:sadmin@xxxxxxxxxxxxxxx>. Please note that any views or opinions
presented in this email are solely those of the author and do not
necessarily represent those of Al Faisaliah Group. Internet communications
cannot be guaranteed to be secure or error-free as information could be
intercepted, corrupted, lost, arrive late or contain viruses. The sender
therefore does not accept liability for any errors or omissions in the
context of this message, which arise as a result of Internet transmission.
Finally, the recipient should check this email and any attachments for the
presence of viruses. Al Faisaliah Group accepts no liability for any damage
caused by any virus transmitted by this email.
-----------------------------------------------------
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
