Hi, my first post.
Ok.. We have an ISA server running 2004 and we also have the LGFL filtering proxy...
But yet the kids can still get on https://www.rainlock.com/ even though every variant has been banned/added to every deny list. And im starting to pull out my hair with frustrationat this site, as I cannot find a way of properly banning it...
Would like to know if anybody else out in this mass community has found a way of blocking it?
Many thanks
James
if you have your own dns you could change the record for that site?.
We don't run ISA server, we use Navaho - I have managed to ban most proxy sites by just blocking any site which has the word 'proxy' or ' proxies' in - is there a way of doing this on your network ?Originally Posted by James2k
Hi, my first post.
Ok.. We have an ISA server running 2004 and we also have the LGFL filtering proxy...
But yet the kids can still get on https://www.rainlock.com/ even though every variant has been banned/added to every deny list. And im starting to pull out my hair with frustration
Many thanks
James
Hi, my first post.
Ok.. We have an ISA server running 2004 and we also have the LGFL filtering proxy...
But yet the kids can still get on https://www.rainlock.com/ even though every variant has been banned/added to every deny list. And im starting to pull out my hair with frustration
Many thanks
James
From http://www.microsoft.com/technet/isa...nnamesets.mspx
It looks like this may help as you have listed the url with a trailing /For HTTPS traffic, URL sets are only processed if the URL does not have a path specified. For example, http://a.com or "a.com". If the URL has a path specified (even "/"), it is ignored for HTTPS traffic.
Cheers
Jonathan
If you mean blocking the word proxy in the URL, then yes this is possible in ISA 2004 by RMC on the rule and selecting configure http. You can then put in a signature to ban based on the response or request headers, url, bodies etc. We use this for games websites, with a whitelist higher up the order to allow access to educational games sites.
Jonathan
Hi James,Hi, my first post.
Ok.. We have an ISA server running 2004 and we also have the LGFL filtering proxy...
But yet the kids can still get on https://www.rainlock.com/ even though every variant has been banned/added to every deny list. And im starting to pull out my hair with frustration
Many thanks
James
One of the way to block it wouldbe to use the hosts file on the isa server.
Add an entry like following
127.0.0.1 rainlock.com
Add the above line to the hosts file on the isa server as i said and then try it. I'm assuming you have tried banning using domain name sets.
Ash.
Thank you all very much for all your replies I will reply back when I have found which method works the best....
Me and my hair thank you
Not just in the URL field, I mean on the actual page the person is viewing.
We are able to block pages with certain words on..... I just feel sorry for the people of Scunthorpe...;-)
We are using a rather dated version of ISA [3.0.1200.166] However when I come acroos a site that I can't block, like the one described, I can sometimes block it by blocking an IP range, so for www.rainlock.com I would block from 69.64.85.158 to 69.64.85.158
This has got me out of a hole more than once. You might be able to try it on your ISA?
ISA only likes checking the first few bytes of the body - it warns of performance problems if you check too much (although if the server is not exactly stressed so it would probably be OK).
Jonathan
Hi guys and girls..
Found out how to block it...
If anyone is having trouble with this site you need to ban a few websites...
*.dedicated.*
*.dedicated.abac.net
*.rainlock.*
*.rainlock.com
*rainlock*
69-64-84-92.*
69-64-84-92.dedicated.*
69-64-84-92.dedicated.abac.*
69-64-84-92.dedicated.abac.net
http://rainlock.*
http://rainlock.com
http://www.rainlock.com
http://www.rainlock.*
https://rainlock.*
https://www.rainlock.*
https://www.rainlock.com
https://www.rainlock.com/cgi-bin-index.cgi
I know it is a few sites but there are different variants and I personally wanted to make sure that the kids couldn't get on this... If all the sites are added to your deny list or ban list the site should come back with a site not found error.
I feel my hair growing back ....
Seems that banning them sites was only a small fix.... Any other ideas?
Many Thanks.
A small fix in what way? They've found new ones?
Tom
I think the site has done something. I have got Synetrix to sort it out as i've run out of ideas...
try doing it in dns mate, create a forward lookup zone called rainlock.com and point it at something that will spook the kids, like webmail or google, or a holding page with there name , the aup and a printing icon.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
