[isapros] Re: Does this array script look ok to you??
- From: "Steve Moffat" <steve@xxxxxxxxxx>
- To: <isapros@xxxxxxxxxxxxx>
- Date: Thu, 13 Jul 2006 16:46:36 -0300
Didn't get up to the site today. But I have made a little progress. The
offending application is a proxy server type thing....it makes IE use
127.0.0.1:8080
I had the user removed the firewall client and had a bit of success. It would
connect to one of the sites, but not the other. It's driving me batty. I hope
to speak to a technician at the bank tomorrow, before I go onsite.
S
-----Original Message-----
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of Steve Moffat
Sent: Wednesday, July 12, 2006 6:01 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: Does this array script look ok to you??
The list is fine...if it accepts attachments.
-----Original Message-----
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of Jim Harrison
Sent: Wednesday, July 12, 2006 5:40 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: Does this array script look ok to you??
..or this alias, if you're so inclined...
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of Steve Moffat
Sent: Wednesday, July 12, 2006 13:24
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: Does this array script look ok to you??
Yup...going there tomorrow......netmon 3 install. For testing purposes only of
course. You want them direct to you?
S
-----Original Message-----
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of Jim Harrison
Sent: Wednesday, July 12, 2006 5:22 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: Does this array script look ok to you??
If you can get craptures fro the successful / failing sessions, we might be
able to figure it out...
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of Steve Moffat
Sent: Wednesday, July 12, 2006 13:13
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: Does this array script look ok to you??
Well, the weird thing is, when I watch the ISA logs in real time, the "app
traffic" is allowed, no denies, This is before IE is called. As I said, the
bloody thing is intermittent.....consistently intermittent....really annoying.
-----Original Message-----
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of Jim Harrison
Sent: Wednesday, July 12, 2006 5:06 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: Does this array script look ok to you??
Does the "app" understand and use the wpad script?
If not, you can educate IE all you want and the app will still fail.
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of Steve Moffat
Sent: Wednesday, July 12, 2006 12:59
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: Does this array script look ok to you??
Itâs an electronic banking sign app that works over httpâ..hence
*.bankofbermuda.com, The sign in app then calls IE.
It sends a security token apparently and it is very intermittent as to whether
it passes through ISA. ie Sometimes it does, sometimes it doesnât.
Once into the app though, about 6 IE windows open, all with the same login page.
I donât have netmon 3 on the server yetâneed to visit the site to do that.
S
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx] On
Behalf Of Thomas W Shinder
Sent: Wednesday, July 12, 2006 4:55 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: Does this array script look ok to you??
What are you issues?
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls
________________________________
From: isapros-bounce@xxxxxxxxxxxxx
[mailto:isapros-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat
Sent: Wednesday, July 12, 2006 1:55 PM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Does this array script look ok to you??
I am having issues with some of the domains listed in the DirectIPâs
section. Have I got this right? ISA 2K4 all up to date.
//Copyright (c) 1997-2004 Microsoft Corporation
BackupRoute="DIRECT";
UseDirectForLocal=true;
function MakeIPs(){
this[0]="127.0.0.0";
this[1]="255.0.0.0";
this[2]="192.168.175.0";
this[3]="255.255.255.0";
this[4]="209.164.32.5";
this[5]="255.255.255.255";
this[6]="64.3.108.6";
this[7]="255.255.255.254";
this[8]="64.3.108.8";
this[9]="255.255.255.248";
this[10]="64.3.108.16";
this[11]="255.255.255.240";
}
DirectIPs=new MakeIPs();
cDirectIPs=12;
function MakeNames(){
this[0]="*.helpdesk.bldc.com";
this[1]="*.bankofbermuda.com";
this[2]="*.freerealtime.com";
this[3]="*.data.primate.com/*";
this[4]="data.primate.com/*";
this[5]="bankofbermuda.com/*";
this[6]="*.ebankline.bankofbermuda.com";
this[7]="*.clientaccess.bankofbermuda.com";
this[8]="*.bankofbermuda.com";
this[9]="*.helpdesk.bldc.com";
this[10]="*.ebankline.bankofbermuda.com";
this[11]="*.clientaccess.bankofbermuda.com";
this[12]="*.bankofbermuda.bm";
this[13]="*.data.primate.com";
this[14]="*.tritonh.bldc.com";
}
DirectNames=new MakeNames();
cDirectNames=15;
HttpPort="8080";
cNodes=1;
function MakeProxies(){
this[0]=new Node("Bldcisa.TritonH.bldc.com",0,1.000000);
}
Proxies = new MakeProxies();
function Node(name, hash, load){
this.name = name;
this.hash = hash;
this.load = load;
this.score = 0;
return this;
}
function FindProxyForURL(url, host){
var hash=0, urllower, i, fIp=false, ip, nocarp=false, skiphost=false;
var list, pl, j, score, ibest, bestscore, port=HttpPort;
urllower = url.toLowerCase();
if((urllower.substring(0,5)=="rtsp:") ||
(urllower.substring(0,6)=="rtspt:") ||
(urllower.substring(0,6)=="rtspu:") ||
(urllower.substring(0,4)=="mms:") ||
(urllower.substring(0,5)=="mmst:") ||
(urllower.substring(0,5)=="mmsu:"))
return "DIRECT";
if(UseDirectForLocal){
if(isPlainHostName(host))
fIp = true;}
for(i = 0; i < cDirectNames; i++)
if(shExpMatch(host, DirectNames[i])){
fIp = true;
break;}
if(cDirectIPs == 0){
if(fIp)
return "DIRECT";}
else{
ip = host;
if(fIp)
ip = dnsResolve(host);
var isIpAddr = /^(\d+.){3}\d+$/;
if(isIpAddr.test(ip)){
for(i = 0; i < cDirectIPs; i += 2){
if(isInNet(ip, DirectIPs[i], DirectIPs[i+1]))
return "DIRECT";}}
else if(isPlainHostName(host))
return "DIRECT";
}
if(!skiphost)
hash = HashString(host,hash);
if(nocarp)
hash = HashString(myIpAddress(), hash);
pl = new Array();
for(i = 0; i<cNodes; i++){
Proxies[i].score = Proxies[i].load * Scramble(hash ^ Proxies[i].hash);
pl[i] = i;
}
list = "";
for(j = 0; j < cNodes; j++){
bestscore = -1;
for(i = 0; i < cNodes-j; i++){
score = Proxies[pl[i]].score;
if(score > bestscore){
bestscore = score;
ibest = i;
}}
list = list + "PROXY " + Proxies[pl[ibest]].name + ":" + port + "; ";
pl[ibest] = pl[cNodes-j-1];
}
list = list + BackupRoute;
return list;
}
var h_tbl = new
Array(0,0x10D01913,0x21A03226,0x31702B35,0x4340644C,0x53907D5F,0x62E0566A,0x72304F79,0x8680C898,0x9650D18B,0xA720FABE,0xB7F0E3AD,0xC5C0ACD4,0xD510B5C7,0xE4609EF2,0xF4B087E1);
function HashString(str, h){
for(var i=0; i<str.length; i++){
var c = str.charAt(i);
if (c==':' || c=='/') break;
c = CharToAscii(c.toLowerCase());
h = (h >>> 4) ^ h_tbl[(h ^ c) & 15];
h = (h >>> 4) ^ h_tbl[(h ^ (c>>>4)) & 15];
h = MakeInt(h);
}
return h;
}
function Scramble(h){
h += ((h & 0xffff) * 0x1965) + ((((h >> 16) & 0xffff) * 0x1965) << 16)
+ (((h & 0xffff) * 0x6253) << 16);
h = MakeInt(h);
h += (((h & 0x7ff) << 21) | ((h >> 11) & 0x1fffff));
return MakeInt(h);
}
var Chars ="
!\"#$%&\'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~âÂ???????????ÂÅÂÂ????????????ÂÅ?
ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃÃ
";
function CharToAscii(c){
return Chars.indexOf(c) + 32;
}
function MakeInt(x){
x %= 4294967296;
if(x < 0)
x += 4294967296;
return x;
}
Thanks
Steve
This project is so important, we can't let things that are more
important interfere with it.
Steve Moffat
Operations Director
Optimum IT Solutions
* Email: steve@xxxxxxxxxx
( Office:(441) 232-8849
( Mobile: (441) 232-8849
Dedicated to proactively supporting our customers
This email may contain confidential information. If you are not named
on the addressee list, please take no action in relation to this email, do not
open any attachment, and please contact the sender (details above) immediately.
Information in this email is provided in good faith. If you are a customer of
Optimum IT Solutions please refer to the terms and conditions which cover the
provision of support and consulting services to you/your organization. If you
are not corresponding in the course of, or in connection with a Optimum IT
Solutions contract or program with its own terms and conditions, please note
that no liability is accepted by Optimum IT Solutions for the contents of this
mail.
All mail to and from this domain is GFI-scanned.
All mail to and from this domain is GFI-scanned.
All mail to and from this domain is GFI-scanned.
Other related posts:
