Blog du Tristank

So terrific that 3 of 4 readers rated it "soporific"

May, 2004

  • ISA 2000: Web Publishing a .Net Web Service

    There's no real trick to it, apart from the good old Web Publishing authentication part. Short version: Treat the published website exactly as you would a real web server, don't try to treat it like a proxy (submitting proxy authentication credentials...
  • ISA 2000: SP2 Out Now

    ISA 2000 Service Pack 2 is available now, start testing your upgrades today! The readme file is linked from the above URL.
  • RSS: How Many Applications?

    My token occasional "not actually related to my job" post, just typing to get my ideas down. I'm not employed as a programmer or PM, so expect questions, not policy statements! I've put together a couple of RSS aggregator test apps in the past year...
  • ISA 2000: Block Barry's Access Except For One Site

    Q: I need to block Internet access for Barry, except for one site. A: As long as all users are required to authenticate when surfing, this is doable. You can specify exclusions using the Site and Content rules. However, if any combination of...
  • More on Sasser, IPSec Firewalls, and SMB

    I've had a couple of internal and external questions on the last post; rather than keep on flogging the earlier article , here's some more background information on how this all works. I've been known to be wrong before, so please yell if you spot any...
  • Using IPSec Policies as a Firewall to Block SASSER Infection

    Short version: Use an IPSec policy to configure a miniature firewall on each client (Windows 2000 and above) to stop SASSER reboots and buy time to deploy the patch. Long version: The Sasser worm hits hosts on port 445 to infect them and crashes...