Discussion:
Clients omzeilen ISA
(te oud om op te antwoorden)
Deweirt Steven - CSware
2004-07-14 12:48:43 UTC
Permalink
Block the changing of proxy trough GPO in AD,

create a deny rule to all destinations execpt .... the one's you want.
based for that client set



24/05/2004 14:40:23
Hey,
Al geprobeerd proxy.pandora.be te blocken via een rule??
anders poort 8080 naar buiten (of op 2e firewall)
dichtzetten! heeft geholpen bij mij..
JP
-----Original Message-----
Hallo,
De post is in het engels, aangezien ik het op
verschillende forums reeds gepost heb, maar ik
veronderstel dat dat geen probleem zal vormen :-).
--------------------------------
I have 2 NIC's installed. One connected directly to the
router (and the internet),
one to a hub, connecting to the internal LAN.
If I explicitly DENY internet access to a classroom,
through Protocol Rules
based on Client Address Sets, the clients cannot access
the internet, even if
they change the proxy. So far so good.
If I ALLOW internet access to a classroom through
Protocol Rules based on
Client Address Sets, the clients can access the internet,
and if they change their
proxy to the proxy of my ISP (in my
case "proxy.pandora.be:8080"), they
can bybass my Site And Content Rules.
So even if I have a rule that says they cannot view
http://www.nukezone.nu,
they still can, if they change their proxy
from "PHHISA:8080" to "proxy.pandora.be:8080".
--------------------------------
Iemand een verklaring/oplossing?
grtz
.
jaimin
2004-07-26 12:51:49 UTC
Permalink
Hi there

Now, I know you can use ISA for this but you may consider our Browse
Control software since it allows the teacher in each classroom to turn
internet ON/OFF.

You can download/view details at: www.browsecontrol.com

Regards
Divyesh
Post by Deweirt Steven - CSware
Block the changing of proxy trough GPO in AD,
create a deny rule to all destinations execpt .... the one's you want.
based for that client set
24/05/2004 14:40:23
Hey,
Al geprobeerd proxy.pandora.be te blocken via een rule??
anders poort 8080 naar buiten (of op 2e firewall)
dichtzetten! heeft geholpen bij mij..
JP
-----Original Message-----
Hallo,
De post is in het engels, aangezien ik het op
verschillende forums reeds gepost heb, maar ik
veronderstel dat dat geen probleem zal vormen :-).
--------------------------------
I have 2 NIC's installed. One connected directly to the
router (and the internet),
one to a hub, connecting to the internal LAN.
If I explicitly DENY internet access to a classroom,
through Protocol Rules
based on Client Address Sets, the clients cannot access
the internet, even if
they change the proxy. So far so good.
If I ALLOW internet access to a classroom through
Protocol Rules based on
Client Address Sets, the clients can access the internet,
and if they change their
proxy to the proxy of my ISP (in my
case "proxy.pandora.be:8080"), they
can bybass my Site And Content Rules.
So even if I have a rule that says they cannot view
http://www.nukezone.nu,
they still can, if they change their proxy
from "PHHISA:8080" to "proxy.pandora.be:8080".
--------------------------------
Iemand een verklaring/oplossing?
grtz
.
Loading...