+ Post New Thread
Results 1 to 8 of 8
Windows Thread, ISA 2000 vs Facebook Uploads in Technical; Hi All, Would anyone know how to block uploads on facebook, as of last-night, we've had enough, we're averaging around ...
  1. #1
    ahuxham's Avatar
    Join Date
    Apr 2008
    Posts
    1,122
    Thank Post
    76
    Thanked 138 Times in 109 Posts
    Rep Power
    30

    ISA 2000 vs Facebook Uploads

    Hi All,

    Would anyone know how to block uploads on facebook, as of last-night, we've had enough, we're averaging around 4.5GB into facebook a night, due to being a very large independent boarding school.

    We have a deny access between 8am-4pm, however after its open. I cant seem to get my head around it.

    RM Safteynet ignores my ban on http://facebook.com/editalbum.php (where photos go in)

    Any one have any luck doing this on an ISA server?

  2. #2

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,694
    Thank Post
    516
    Thanked 2,455 Times in 1,899 Posts
    Blog Entries
    24
    Rep Power
    833
    Not to be a stick in the mud here but why are you wanting to remove this access? Is it costing you per gig or something?

  3. #3


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,475
    Thank Post
    866
    Thanked 849 Times in 671 Posts
    Rep Power
    196
    With SmoothWall you'd be able to block a specific URL at set times, or limit bandwidth per URL(!). However, our next feature pack (not the one currently in test... the next one) is "about" outgoing filtering.

    Certainly HTTP get/post will come under scrutiny - quite how much is TBC - if you have any ideas i would like to hear them... certainly a "top uploaders" report would be cool to nobble the worst offending users, no?

  4. #4
    ahuxham's Avatar
    Join Date
    Apr 2008
    Posts
    1,122
    Thank Post
    76
    Thanked 138 Times in 109 Posts
    Rep Power
    30
    RM 2MB non-lease lined 20/1 contention, our incoming/outgoing email line, after 5p.m. you cannot access mail externally due to the lack of speed on the line.

    Our Fundraising database also accesses various things out of school on the same line (We are Independent), which in turn slows this down.

  5. #5
    ahuxham's Avatar
    Join Date
    Apr 2008
    Posts
    1,122
    Thank Post
    76
    Thanked 138 Times in 109 Posts
    Rep Power
    30
    Quote Originally Posted by tom_newton View Post
    With SmoothWall you'd be able to block a specific URL at set times, or limit bandwidth per URL(!). However, our next feature pack (not the one currently in test... the next one) is "about" outgoing filtering.

    Certainly HTTP get/post will come under scrutiny - quite how much is TBC - if you have any ideas i would like to hear them... certainly a "top uploaders" report would be cool to nobble the worst offending users, no?
    You mean my daily ban list? Sure, at present with ISA reporting there are some variables that go a-miss. I.e. "requires authentication" however most of the time through some genius method only an IP address is shown, rather than student.

    Any chance of usage per NETBIOS name? or associated an account with NB name?

  6. #6


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,475
    Thank Post
    866
    Thanked 849 Times in 671 Posts
    Rep Power
    196
    Hmm, interesting - so these being boarders you haven't got them auth'd against AD, so the name of the PC might be useful... afraid we only log the (reverse-dns looked-up) hostname at present.

  7. #7
    ahuxham's Avatar
    Join Date
    Apr 2008
    Posts
    1,122
    Thank Post
    76
    Thanked 138 Times in 109 Posts
    Rep Power
    30
    Quote Originally Posted by tom_newton View Post
    Hmm, interesting - so these being boarders you haven't got them auth'd against AD, so the name of the PC might be useful... afraid we only log the (reverse-dns looked-up) hostname at present.
    Oh, they are auth'd against AD, ISA ties all its groups and authentication through the DC's. However, "quirck, bug, general annoyance" it doesn't always authenticate properly.

    I remember an instance a while ago where specific boarders were using "Your Freedom" a paid SSL tunnel to get through ISA, and I still cant figure out why, the only reason they were caught, was the IP address showing massive traffic in logs, upon tracerting, and resolving the IP's we found them to be proxies.

    How a java based applet running on machine could instantly bypass ISA authentication (required) via SSL is beyond me.

    And now as per post... another major point is trying to limit traffic through facebook uploads, another point to add, with upcoming VLE implementation, traffic limitation is now a key priorty to providing a quality QOS inside and outside school

    (If our lease line bid goes through, everythings going to go through a debian squid box, tied into AD, and specific delay_pools setup to limit facebook traffic to around 100kb/s down, 15kb/s up at most. Which would resolve all these issues, but can't guarntee its going to be approved)
    Last edited by ahuxham; 18th June 2008 at 05:32 PM.

  8. #8


    tom_newton's Avatar
    Join Date
    Sep 2006
    Location
    Leeds
    Posts
    4,475
    Thank Post
    866
    Thanked 849 Times in 671 Posts
    Rep Power
    196
    Well, delay pools is what we use to throttle traffic - and in a BECTA approved manner so may be easier to get approval!

SHARE:
+ Post New Thread

Similar Threads

  1. WIndows 2000 / Exchange 2000 New User Issue
    By SYSMAN_MK in forum Windows
    Replies: 22
    Last Post: 3rd May 2008, 01:24 AM
  2. File Uploads
    By dan400007 in forum Coding
    Replies: 1
    Last Post: 11th December 2007, 12:23 PM
  3. Where do Sharepoint uploads go to?
    By katem in forum Web Development
    Replies: 3
    Last Post: 15th November 2007, 02:33 PM
  4. Facebook - is it blocked and are you on it?
    By gwendes in forum General Chat
    Replies: 49
    Last Post: 16th October 2007, 08:44 AM
  5. Facebook skit
    By GrumbleDook in forum Jokes/Interweb Things
    Replies: 2
    Last Post: 13th October 2007, 03:03 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •