Finding out how a program gets through HTTP Proxy
Novell Cool Solutions: Tip
Digg This -
Posted: 3 Oct 2002
Here's a nifty way to determine which access rules should be set up to block specific services. (Very useful for keeping a step ahead of the students.)
- Choose a user account that doesn't have a lot of traffic, or set one up just for this test.
- Enable proxy authentication. This will ensure that the user account you are testing with shows up in the logs.
- Set up an Allow All URL access rule at the top of the rules list, with Source = the NDS user account you are testing with. Enable rule logging.
- Connect to the web site/service (like Yahoo Messenger) and try to login.
- Check the Access Rule logs for the last 30 minutes or so to see what was allowed, find the test user account, double-click on it, and look at the URLs.
- Set up a Deny URL rule right above the Allow URL for the test user, enable logging on it, and enter a URL to deny. Wildcards are allowed.
- Test again. If the Deny rule worked, you will see that in the Access Rule logs. If the login worked, the software may have tried a second option you also have to deny, or your Deny rule may have the wrong syntax. Also, when the access rules deny a site, you should see in the Proxy Console screen on the BorderManager server an immediate increase in the "Failed" statistic.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com