RE: blocking connection by application

• From: "cismic" <cismic@xxxxxxx>
• To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 23 Jan 2003 08:30:13 -0800

Hi All,

Something I like to do is to ensure that my network cards are not using auto
discovery and actually set them to be full duplex manually.  I have found
more often then not that if you don't do this the cards don't operate at
full duplex.  Then under the TCP/IP settings in the system registry for the
interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Inter
faces\] that is assigned to the nic card I also manually set the "MTU" value
of the card to at least "1440".  There are some other settings that can be
set that ensures consist speed and packet transmission between various
routers.
The enclosed file UpdateMTU.vbs.txt will update the MUT values on all
appropriate interfaces.  Just rename the *.txt back to *.vbs

This will give you noticeable increase in bandwidth that you can measure
with perfmon.


Thank you,
Joseph

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] 
Sent: Thursday, January 23, 2003 1:32 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: blocking connection by application


http://www.ISAserver.org


Hi Rami,

To set effective bandwidth for a network card

In the console tree of ISA Management, right-click Bandwidth Rules and click
Properties. 
Where?

Internet Security and Acceleration Server 
Servers and Arrays 
Name 
Bandwidth Rules 
On the General tab, click Enable bandwidth control. 
In Effective bandwidth, type the effective bandwidth for the network
connection. 

HTH,
Tom

Thomas W Shinder
www.isaserver.org/shinder 
http://tinyurl.com/1jq1
http://tinyurl.com/1llp

 
 


-----Original Message-----
From: Rami SIK [mailto:rami@xxxxxxxxxxxxxxx] 
Sent: Thursday, January 23, 2003 3:02 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: blocking connection by application


http://www.ISAserver.org


Do we have to click "Enable Bandwidth Control" check box in the properties
tab of the Bandwidth Rules container in order for the bandwidth rules to
take affect?


 
--------------------------------------------------------------------
Rami SIK
 
System & Network Administrator
CCNA
 
Kimyatas
Istanbul / Turkey
 
Tel:90-212-334 4963
--------------------------------------------------------------------
 

-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] 
Sent: Thursday, January 23, 2003 4:10 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: blocking connection by application

http://www.ISAserver.org


Hi Thaps,

If you want to have some fun, keep a list of Kaaza abusers and then create a
bandwidth rule and assign that rule a bandwidth priority of 1 and 1. Then
assign your Kaaza abusers to that bandwidth rule. When they complain, tell
them that file sharing applications are hurting bandwidth. After they stop
using the warez apps for a month, then you can take them out of the group
assigned to the throttled bandwdith rule.

HTH,
Tom
www.isaserver.org/shinder


-----Original Message-----
From: Thapeli Matsabo - CPX Mngd Services
[mailto:ThapeliM@xxxxxxxxxxxxxxxxxxxx] 
Sent: Wednesday, January 22, 2003 4:05 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] blocking connection by application


http://www.ISAserver.org


Hi,
I have a lot of users on my network that connect to P2P sites (i.e
Kazaa)using firewall client. On my logs I see all kazaa connections going to
different IP's. This makes blocking by IP too much a hassle. Is there a way
I can block by application. Since ISA already picks up the application
(kazaa.exe). 

Regards,

Thaps



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows Security
Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows Security
Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
rami@xxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows Security
Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/ Windows Security
Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
cismic@xxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')

'****************************************************************"
' Module/Class: UpdateMTU.vbs
'
' Version:     1.00.0000"
' Description: Admin tools for automating updating MTU info
'              
'       
' Last update: 12/18/2002 Joseph Kravis(joseph.kravis@xxxxxxxxxx)"
' Last Time  :
'
' Notes:  from the command line run as: cscript.exe UpdateMTU.vbs
'
' ** REVISIONS**"
'
' Date      By         Description"
' --------  ---------- ------------------------------------------"
' See individual subs for revision information"
'****************************************************************"

const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."
Set StdOut = WScript.StdOut

'***
' Set WMI to impersonate at the root defalut level for reading selected key
'***
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer 
& "\root\default:StdRegProv")

strKeyPath = "SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces"
oReg.EnumKey HKEY_LOCAL_MACHINE, strKeyPath, arrSubKeys

'***
'Retreive the sub keys for looking at DHCP and IP address fields
'***

'***
' For each interface sub key process values we are looking for (DHCP and IP)
'***
For Each subkey In arrSubKeys

    StdOut.WriteLine " "
    StdOut.WriteLine "New Interface " & subkey

        '***
        'Retreive the sub keys for passed in subkey data
        '***
        strKeyPathB = 
"SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces" & "\" & subKey
        oReg.EnumValues HKEY_LOCAL_MACHINE, strKeyPathB, arrValueNames, 
arrValueTypes

        StdOut.WriteLine strKeyPathB

        For i=0 To UBound(arrValueNames)
            oReg.GetExpandedStringValue HKEY_LOCAL_MACHINE, strKeyPathB, 
arrValueNames(i) , strValue
                
                '***
                ' If we have either a DHCP or IP address
                '***
                IF arrValueNames(i) = "DhcpIPAddress" or arrValueNames(i) = 
"IPAddress" Then
                        '***
                        ' If we have either a DHCP or IP values add the MTU 
keyword
                        '***
                        IF strValue <> "" or strValue <> "0.0.0.0"  THEN
                            StdOut.WriteLine "Value Name: " & arrValueNames(i) 
& " = " &  strValue
                    
                            strValueName = "MTU"
                            dwValue = 1440
                            oReg.SetDWORDValue HKEY_LOCAL_MACHINE, strKeyPathB, 
strValueName, dwValue

                        END IF
                END IF

        NEXT

NEXT 'End arrSubKeys Collection

Other related posts:

• » blocking connection by application
• » RE: blocking connection by application
• » RE: blocking connection by application
• » RE: blocking connection by application
• » RE: blocking connection by application
• » RE: blocking connection by application
• » RE: blocking connection by application
• » RE: blocking connection by application

1. Home
2. isalist
3. Archive
4. 01-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---