Bypassed ISA Server
Tue Mar 22, 2005 9:16 am
At my company, we have set up ISA Server 2003 with a list of banned sites, in particular a website where one of our employees is downloading 100Mb videos.
The website is on the banned list, spelt right, and when I try to access it via my own PC, its blocked.
But the employee who was downloading videos is still able to access the banned sites.
He's using DHCP, and all computers have to go thru the ISA server to access the internet.
How is this possible?
How can I stop him accessing these sites without removing IE completely from his PC?
The website is on the banned list, spelt right, and when I try to access it via my own PC, its blocked.
But the employee who was downloading videos is still able to access the banned sites.
He's using DHCP, and all computers have to go thru the ISA server to access the internet.
How is this possible?
How can I stop him accessing these sites without removing IE completely from his PC?
Tue Mar 22, 2005 9:20 am
Take a look at his history. There are ways of getting past security by using proxy websites, such as the translator on altavista, cached pages on google, and other such things.
Tue Mar 22, 2005 9:38 am
So if I cleared his cache and cookies out, and blocked the altavista translator, this should stop him?
Tue Mar 22, 2005 9:46 am
No. Clearing the cache and cookies won't do anything, and the altavista translator trick has been known for some time and is likely blocked. You'd probably have to search all the sites in his history, see which ones allow you to access other sites through them and block them.
Tue Mar 22, 2005 10:02 am
As people learn at our school, there's more than one way to skin a cat. Basically saying, no matter how good your filter is, you can always, always, always find a loophole somewhere.
For example, everyone at school goes to a translating website such as freetranslation.com and types in what they're looking for. Be it games, shows, humour or porn. Only difference is that you've got it in another language. And there are so many translation websites out there that you'd be hard-put to block them all.
As I'm trying to do, people can always find proxy sites which they use to bypass the filter.
Heck I've even heard stories of the school tech kid bringing in linux on a CD and getting past the filters with that.
Filters just bring out the creativity in people. In my opinion they should be rewarded with a 50% pay rise and a position in management...
For example, everyone at school goes to a translating website such as freetranslation.com and types in what they're looking for. Be it games, shows, humour or porn. Only difference is that you've got it in another language. And there are so many translation websites out there that you'd be hard-put to block them all.
As I'm trying to do, people can always find proxy sites which they use to bypass the filter.
Heck I've even heard stories of the school tech kid bringing in linux on a CD and getting past the filters with that.
Filters just bring out the creativity in people. In my opinion they should be rewarded with a 50% pay rise and a position in management...
Tue Mar 22, 2005 1:47 pm
Urthdigger wrote:No. Clearing the cache and cookies won't do anything, and the altavista translator trick has been known for some time and is likely blocked. You'd probably have to search all the sites in his history, see which ones allow you to access other sites through them and block them.
Well, I'm the one responsible for blocking bad sites, and I didn't know about it till now.
Suppose I'll go trawling through his history via the server since he won't be able to tell that i'm doing it.
Apart from that, I'll inform his manager