Blogs

How to block traffic with a HTTP Signature

  • Comments 11
  • Likes

A thread that I keep seeing in the newsgroups is “How do I block IM clients on my network with ISA Server?”. 

 

 Most IM and P2P clients today can be configured to use port 80, or to use the same proxy settings as IE, or  can have their own proxy settings, so blocking the applications native protocol does not help much when you need to allow your users to surf the Internet. Remember ISA does not allow traffic to pass unless you create a rule to allow it. ISA Server allows you to block HTTP traffic based upon the applications unique signature. By blocking traffic based upon its signature you can block specific traffic, while still allowing your users to surf the Internet.  

 

Follow the following steps to block traffic with a HTTP signature.

  1. You need to know the application signature that you want to block. For a sample list of application signatures, see Common Application Signatures on the ISA Server TechNet web site. In my next blog entry I will discuss how to discover the signature for an application. You can also search the Internet for common application signatures.
  2. Create an access rule allowing HTTP traffic.
  3. Right click the access rule and select Configure HTTP.
  4. Select the Signatures tab.
  5. Click Add, and enter the following information: The example signature is for MSN Messenger.
    1. Name: MSN Messenger
    2. Search in: Select Request headers
    3. HTTP header: User-Agent: (including the colon)
    4. Signature: MSN Messenger
  6. Click OK and OK.
  7. Apply your changes and try to open MSN Messenger.

 

Signatures are defined on a per rule basis and can be defined on access rules or Web publishing rules.

 

Gershon Levitz

ISA Server User Education

Comments
  • How to block Skype in ISA Server

  • male gay videos download
    feet boys
    little boys winter coat formal
    gay male erotic cartoons
    jays xxx gay links

  • Nice site!
    [url=http://jztdrfkm.com/wvdu/bnmy.html]My homepage[/url] | [url=http://oowjcyqy.com/rueo/ibwd.html]Cool site[/url]

  • Thank you!
    <a href="http://jztdrfkm.com/wvdu/bnmy.html">My homepage</a> | <a href="http://slysgfbm.com/dycy/thla.html">Please visit</a>

  • Nice site!
    http://jztdrfkm.com/wvdu/bnmy.html | http://vodqsbfc.com/mrzz/vvfa.html

  • Hi,

    I wants to block attachment for yahoo,hotmail,gmail users. How can I achieve this?

  • Not much on my mind today. What can I say? I've just been sitting around waiting for something to happen. But i found this site and became happy! vu : og

  • How can I block your freedom with ISA 2004 server?

  • Hi my name is phanos  I am working on isa server 2004 and I would like to now if there is a way to pout an exception  word on isa server  signature like  *essex* from the word *sex*  

  • In regard to "How can I block your freedom with ISA 2004 server?", some workaround are out there.

    Create an access rule in which all outbound traffic to freedom server are disallowed.

    Regular update to the url list is required.

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment