User-Agent String

  • From: "Ball, Dan" <DBall@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 27 Apr 2005 12:12:40 -0400

I know this has been discussed a couple of times, but I don't remember
if we ever found a solution to it...

 

The way I have it setup now, to keep unauthorized software from using
http-tunneling and bypassing the filters, we inspect the "User-Agent"
portion of the header and block certain strings with the http filter.
This works, but the error message given to the client also explains that
it was blocked due to a User-Agent string.  With programs such as
FireFox, they can then go in and modify their User-Agent string to allow
it through.  In addition, knowing all the User-Agent strings to block is
difficult if not impossible.

 

So, it would make logical sense to use a "block all except" approach to
this instead.  However, I have yet to be able to find this option, is it
possible in ISA2004?

 

________________________________

The correct technical term for haggis stalking is "havering".
<http://haggishunt.scotsman.com/haggisclopedia.cfm?part=5>  

________________________________


Other related posts: