Hi Muttee, Use user/group based access controls, configure the clients as Web Proxy and Firewall clients and deny Internet access to user accounts that violate network usage policy. HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA 2004 Beta - Get it now! http://www.microsoft.com/isaserver/beta/default.asp ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: Muttee Rehman [mailto:atmatli@xxxxxxxxxxx] Sent: Wednesday, May 05, 2004 5:53 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: how to disable public firewalls sessions in isa servers http://www.ISAserver.org Ok Tom, I didn't know that, any idea how to restrict those public ips, i've already tried to restrict those ips but users change their ips and can successfully use internet, any other idea to stop those raskles, A friend of mine recommend Sygate firewall but i am afraid it is worthless, any other idea? Thanks, Muttee >From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx> >Reply-To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> >To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> >Subject: [isalist] RE: how to disable public firewalls sessions in isa >servers >Date: Wed, 5 May 2004 05:27:50 -0500 > >http://www.ISAserver.org > >Hi Muttee, > >The problem with MAC address based access control is: > >1. It only works for hosts on the directly connected segment. On a >well-designed network, there won't be any hosts other than a router >connected on that segment. > >2. Its very easily to change your MAC address, same as with IP address. > >HTH, >Tom > >Thomas W Shinder >www.isaserver.org/shinder >ISA 2004 Beta - Get it now! >http://www.microsoft.com/isaserver/beta/default.asp >ISA Server and Beyond: http://tinyurl.com/1jq1 >Configuring ISA Server: http://tinyurl.com/1llp > > > > >-----Original Message----- >From: Muttee Rehman [mailto:atmatli@xxxxxxxxxxx] >Sent: Wednesday, May 05, 2004 5:19 AM >To: [ISAserver.org Discussion List] >Subject: [isalist] RE: how to disable public firewalls sessions in isa >servers > > >http://www.ISAserver.org > > >Hi Jawad, > >As far as the ip blocking is concerned it's been hard enough to stop >this >however I recommend you to install Sygate Firewall on your server, it >actually restricts access via MAC address find MAC of those cheaters and > >block them, Please reply me if you'll successed in that. > >Muttee > >_________________________________________________________________ >Protect your PC - get McAfee.com VirusScan Online >http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 > > >------------------------------------------------------ >List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist >ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ >------------------------------------------------------ >Other Internet Software Marketing Sites: >Leading Network Software Directory: http://www.serverfiles.com >No.1 Exchange Server Resource Site: http://www.msexchange.org >Windows Security Resource Site: http://www.windowsecurity.com/ >Network Security Library: http://www.secinf.net/ >Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com >------------------------------------------------------ >You are currently subscribed to this ISAserver.org Discussion List as: >tshinder@xxxxxxxxxxxxxxxxxx >To unsubscribe send a blank email to $subst('Email.Unsub') > >------------------------------------------------------ >List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist >ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ >------------------------------------------------------ >Other Internet Software Marketing Sites: >Leading Network Software Directory: http://www.serverfiles.com >No.1 Exchange Server Resource Site: http://www.msexchange.org >Windows Security Resource Site: http://www.windowsecurity.com/ >Network Security Library: http://www.secinf.net/ >Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com >------------------------------------------------------ >You are currently subscribed to this ISAserver.org Discussion List as: >atmatli@xxxxxxxxxxx >To unsubscribe send a blank email to $subst('Email.Unsub') _________________________________________________________________ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')