+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 19
How do you do....it? Thread, Banning Websites in Technical; Hi, my first post. Ok.. We have an ISA server running 2004 and we also have the LGFL filtering proxy... ...
  1. #1
    James2k's Avatar
    Join Date
    Jan 2008
    Location
    New Malden
    Posts
    59
    Thank Post
    1
    Thanked 3 Times in 3 Posts
    Rep Power
    14

    Banning Websites

    Hi, my first post.

    Ok.. We have an ISA server running 2004 and we also have the LGFL filtering proxy...

    But yet the kids can still get on https://www.rainlock.com/ even though every variant has been banned/added to every deny list. And im starting to pull out my hair with frustration at this site, as I cannot find a way of properly banning it... Would like to know if anybody else out in this mass community has found a way of blocking it?

    Many thanks

    James

  2. #2

    Join Date
    Mar 2007
    Posts
    1,748
    Thank Post
    79
    Thanked 288 Times in 219 Posts
    Rep Power
    70
    if you have your own dns you could change the record for that site?.

  3. #3

    mattx's Avatar
    Join Date
    Jan 2007
    Posts
    9,236
    Thank Post
    1,057
    Thanked 1,067 Times in 624 Posts
    Rep Power
    740
    Quote Originally Posted by James2k View Post
    Hi, my first post.

    Ok.. We have an ISA server running 2004 and we also have the LGFL filtering proxy...

    But yet the kids can still get on https://www.rainlock.com/ even though every variant has been banned/added to every deny list. And im starting to pull out my hair with frustration at this site, as I cannot find a way of properly banning it... Would like to know if anybody else out in this mass community has found a way of blocking it?

    Many thanks

    James
    We don't run ISA server, we use Navaho - I have managed to ban most proxy sites by just blocking any site which has the word 'proxy' or ' proxies' in - is there a way of doing this on your network ?

  4. #4
    ArchersIT's Avatar
    Join Date
    Nov 2006
    Location
    Bedfordshire
    Posts
    114
    Thank Post
    14
    Thanked 24 Times in 20 Posts
    Rep Power
    20
    Quote Originally Posted by James2k View Post
    Hi, my first post.

    Ok.. We have an ISA server running 2004 and we also have the LGFL filtering proxy...

    But yet the kids can still get on https://www.rainlock.com/ even though every variant has been banned/added to every deny list. And im starting to pull out my hair with frustration at this site, as I cannot find a way of properly banning it... Would like to know if anybody else out in this mass community has found a way of blocking it?

    Many thanks

    James

    From http://www.microsoft.com/technet/isa...nnamesets.mspx

    For HTTPS traffic, URL sets are only processed if the URL does not have a path specified. For example, http://a.com or "a.com". If the URL has a path specified (even "/"), it is ignored for HTTPS traffic.
    It looks like this may help as you have listed the url with a trailing /

    Cheers

    Jonathan

  5. #5
    ArchersIT's Avatar
    Join Date
    Nov 2006
    Location
    Bedfordshire
    Posts
    114
    Thank Post
    14
    Thanked 24 Times in 20 Posts
    Rep Power
    20
    Quote Originally Posted by mattx View Post
    We don't run ISA server, we use Navaho - I have managed to ban most proxy sites by just blocking any site which has the word 'proxy' or ' proxies' in - is there a way of doing this on your network ?
    If you mean blocking the word proxy in the URL, then yes this is possible in ISA 2004 by RMC on the rule and selecting configure http. You can then put in a signature to ban based on the response or request headers, url, bodies etc. We use this for games websites, with a whitelist higher up the order to allow access to educational games sites.

    Jonathan

  6. #6

    Join Date
    Oct 2005
    Location
    East Midlands
    Posts
    737
    Thank Post
    17
    Thanked 105 Times in 65 Posts
    Rep Power
    36

    Use the host file on isa server

    Quote Originally Posted by James2k View Post
    Hi, my first post.

    Ok.. We have an ISA server running 2004 and we also have the LGFL filtering proxy...

    But yet the kids can still get on https://www.rainlock.com/ even though every variant has been banned/added to every deny list. And im starting to pull out my hair with frustration at this site, as I cannot find a way of properly banning it... Would like to know if anybody else out in this mass community has found a way of blocking it?

    Many thanks

    James
    Hi James,

    One of the way to block it wouldbe to use the hosts file on the isa server.

    Add an entry like following

    127.0.0.1 rainlock.com


    Add the above line to the hosts file on the isa server as i said and then try it. I'm assuming you have tried banning using domain name sets.

    Ash.

  7. #7
    James2k's Avatar
    Join Date
    Jan 2008
    Location
    New Malden
    Posts
    59
    Thank Post
    1
    Thanked 3 Times in 3 Posts
    Rep Power
    14
    Thank you all very much for all your replies I will reply back when I have found which method works the best....

    Me and my hair thank you

  8. #8

    mattx's Avatar
    Join Date
    Jan 2007
    Posts
    9,236
    Thank Post
    1,057
    Thanked 1,067 Times in 624 Posts
    Rep Power
    740
    Quote Originally Posted by ArchersIT View Post
    If you mean blocking the word proxy in the URL, then yes this is possible in ISA 2004 by RMC on the rule and selecting configure http. You can then put in a signature to ban based on the response or request headers, url, bodies etc. We use this for games websites, with a whitelist higher up the order to allow access to educational games sites.

    Jonathan
    Not just in the URL field, I mean on the actual page the person is viewing.
    We are able to block pages with certain words on..... I just feel sorry for the people of Scunthorpe...;-)

  9. #9

    DaveP's Avatar
    Join Date
    Oct 2006
    Location
    Can't talk now: The mother-ship is calling!
    Posts
    8,703
    Thank Post
    351
    Thanked 1,268 Times in 866 Posts
    Blog Entries
    4
    Rep Power
    1124
    We are using a rather dated version of ISA [3.0.1200.166] However when I come acroos a site that I can't block, like the one described, I can sometimes block it by blocking an IP range, so for www.rainlock.com I would block from 69.64.85.158 to 69.64.85.158

    This has got me out of a hole more than once. You might be able to try it on your ISA?

  10. #10
    ArchersIT's Avatar
    Join Date
    Nov 2006
    Location
    Bedfordshire
    Posts
    114
    Thank Post
    14
    Thanked 24 Times in 20 Posts
    Rep Power
    20
    Quote Originally Posted by mattx View Post
    Not just in the URL field, I mean on the actual page the person is viewing.
    We are able to block pages with certain words on..... I just feel sorry for the people of Scunthorpe...;-)
    ISA only likes checking the first few bytes of the body - it warns of performance problems if you check too much (although if the server is not exactly stressed so it would probably be OK).

    Jonathan

  11. #11
    James2k's Avatar
    Join Date
    Jan 2008
    Location
    New Malden
    Posts
    59
    Thank Post
    1
    Thanked 3 Times in 3 Posts
    Rep Power
    14
    Hi guys and girls..

    Found out how to block it...

    If anyone is having trouble with this site you need to ban a few websites...

    *.dedicated.*
    *.dedicated.abac.net
    *.rainlock.*
    *.rainlock.com
    *rainlock*
    69-64-84-92.*
    69-64-84-92.dedicated.*
    69-64-84-92.dedicated.abac.*
    69-64-84-92.dedicated.abac.net
    http://rainlock.*
    http://rainlock.com
    http://www.rainlock.com
    http://www.rainlock.*
    https://rainlock.*
    https://www.rainlock.*
    https://www.rainlock.com
    https://www.rainlock.com/cgi-bin-index.cgi


    I know it is a few sites but there are different variants and I personally wanted to make sure that the kids couldn't get on this... If all the sites are added to your deny list or ban list the site should come back with a site not found error.

    I feel my hair growing back ....

  12. #12
    James2k's Avatar
    Join Date
    Jan 2008
    Location
    New Malden
    Posts
    59
    Thank Post
    1
    Thanked 3 Times in 3 Posts
    Rep Power
    14
    Seems that banning them sites was only a small fix.... Any other ideas?

    Many Thanks.

  13. #13


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,458
    Thank Post
    866
    Thanked 845 Times in 667 Posts
    Rep Power
    195
    A small fix in what way? They've found new ones?

    Tom

  14. #14
    James2k's Avatar
    Join Date
    Jan 2008
    Location
    New Malden
    Posts
    59
    Thank Post
    1
    Thanked 3 Times in 3 Posts
    Rep Power
    14
    I think the site has done something. I have got Synetrix to sort it out as i've run out of ideas...

  15. #15

    Join Date
    Mar 2007
    Posts
    1,748
    Thank Post
    79
    Thanked 288 Times in 219 Posts
    Rep Power
    70
    try doing it in dns mate, create a forward lookup zone called rainlock.com and point it at something that will spook the kids, like webmail or google, or a holding page with there name , the aup and a printing icon.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Can access most websites but not all
    By SimpleSi in forum General Chat
    Replies: 10
    Last Post: 19th February 2008, 11:19 PM
  2. Banning students from certain locations
    By blackcat in forum How do you do....it?
    Replies: 3
    Last Post: 8th December 2007, 11:00 AM
  3. Malicious Websites
    By sqdge in forum School ICT Policies
    Replies: 55
    Last Post: 23rd June 2007, 06:16 PM
  4. Internet Banning using LanView3? With IE7 you can.
    By metalmonkey in forum Wireless Networks
    Replies: 4
    Last Post: 15th December 2006, 09:51 AM
  5. Spooky Websites
    By ninjabeaver in forum Jokes/Interweb Things
    Replies: 0
    Last Post: 28th June 2005, 08:52 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •