John, I'm not too sure about that. If I make an HTTP request to a host nothing running on port 80, the host in question doesn't return anything. ISA server, when I tell it to discard the packet like it never came, actually returns packets. If I send an HTTP request to port 81, ISA does nothing - but the client computer/browser shows an error in my GUI (IE). So in that case the server appears to be truly discarding the request and not returning anything. Jim/Tom, can you throw in your $.02 on this? Does 2004 help? Thanks. >Date: Wed, 7 Jul 2004 10:06:05 -0700 > >Author: "John Tolmachoff \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx> > >Subject: RE: True Web Publishing Discard? > >Body: When an HTTP request is made, something must be returned, or a timeout error >message or a can not find server error message. > >John Tolmachoff >Engineer/Consultant/Owner >eServices For You > > >> -----Original Message----- >> Subject: [isalist] True Web Publishing Discard? >> >> http://www.ISAserver.org >> >> >> ISA 2000 - >> >> I have a web publishing rule set to "deny" certain IP number ranges and >> redirect to a web site that has an empty HTML page. That works as >> expected. >> >> I recently changed the rule to "discard". But instead of ignoring the >> traffic, ISA displays a "I don't like you" page. That doesn't exactly >> seem like discarding to me... >> >> So then I changed the "deny" rule back to the empty web site, and then >> stopped that web site. Now I get an "{Invalid Hostname)" message when I >> try to hit the site from a bad IP range. Again, that's not ignoring. >> >> Did I miss something, is there another way to get ISA to truly >> ignore/discard web traffic? I think that If I can make it look like the >> site is not there to bad guys, then hopefully they will just move on - but >> ISA is giving up too much info. >>