Re: Kazza and ISA server

["Shaikh Al Hadi Rasool" <sahadir () precience com>]

Hi All,

Anyone has an idea how to block Instant messaging service like (MSN =
messanger,Yahoo messanger Aol instant messanger etc,etc  through ISA =
Server.
And can anybody tell me how to restrict FTP and give on the user a =
scheduler basis permission of FTP through ISA Server. Example if i =
wanted to give a user permission by the clock 11 in the morning till 1 =
pm only then a user can download. or they have the FTP permission =
enabled.

Thanks,
Shaikh Al Hadi Rasool.







----- Original Message -----
From: "Maher Odeh" <rax () netvision net il>
To: "Alaa Shaheen" <Ashaheen () aedegypt org>;
<security-basics () securityfocus com>
Sent: Sunday, August 24, 2003 1:39 PM
Subject: RE: Kazza and ISA server


> Taken from:
> http://www.tek-tips.com/gviewthread.cfm/lev2/3/lev3/21/pid/802/qid/46481
> 4
>
>
>
> First, I am not familiar with ISA server (mostly checkpoint) but, maybe
> blocking access based on headers is a better way.
> it is possible to make kazaa work with port 80 rather than 1214. So they
> will pass.
> But you may block certain headers like:
> "GET /.hash*"
> "UserAgent: KazaaClient"
> "X-Kazaa*" (a few headers start with this)
>
> And according to Microsoft, you can do this with URLScan Web Filter for
> ISA:
> http://download.microsoft.com/download/4/c/b/4cbe9a1f-8d97-4c71-b6b3-d96
> 7924981db/urlscan_readme.htm
>
> I had no chance to try this at ISA server but I hope it works for you.
>
> greetz,
>
> Rule0
>
> -----Original Message-----
> From: Alaa Shaheen [mailto:Ashaheen () aedegypt org]
> Sent: Friday, August 22, 2003 5:43 PM
> To: security-basics () securityfocus com
> Subject: Kazza and ISA server
>
> Hi All
>
> I am having a little problem of controlling the traffic passing through
> my ISA server, specially the P2P file sharing programs such as Kazza and
> Imesh
>
> Did anyone knows how to block Kazza traffic using the ISA server ?
>
> Thanks in advance for your help
>
> Alaa Shaheen
>
> ------------------------------------------------------------------------
> ---
> ------------------------------------------------------------------------
> ----
>
>
>
>
> --------------------------------------------------------------------------
-
> Attend Black Hat Briefings & Training Federal, September 29-30 (Training),
> October 1-2 (Briefings) in Tysons Corner, VA; the world's premier
> technical IT security event.  Modeled after the famous Black Hat event in
> Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
> Symantec is the Diamond sponsor.  Early-bird registration ends September
6.Visit us: www.blackhat.com
> --------------------------------------------------------------------------
--


---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), 
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier 
technical IT security event.  Modeled after the famous Black Hat event in 
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.  
Symantec is the Diamond sponsor.  Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------