Archive for the ‘Internet Security’ Category

Disable ‘Automatically detect settings’ in Internet Explorer

Tuesday, August 30th, 2011

This script allows you to turn off (or on) the ‘Automatically Detect Settings’ check box in Internet Explorer.

I have not been able to find a way which guarantees that this will not be checked. You can set a Group Policy into Internet Explorer Preference Mode, but if a user later changes it, then it will not change back. If you Disable Changing IE Proxy Settings, then the Preference Mode Setting seems not to work.

I have set this script to run at logon, as part of our general login script. It only modifies that one setting, no others. It reads the entire of the binary value, modifies the one binary value that needs changing and then writes back the entire value.

Option Explicit
On Error Resume Next
'Create a constant for the HKEY_CURRENT_USER object
Const HKCU = &H80000001
'Define variables
Dim strComputer
Dim strRegistryKey
Dim objRegistry
Dim strRegistryValue
DIm binValue
strComputer = "."
strRegistryKey = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections"
strRegistryValue = "DefaultConnectionSettings"
'Connect to the Registry
Set objRegistry = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
'Retrieve the current settings.
objRegistry.GetBinaryValue HKCU, strRegistryKey, strRegistryValue, binValue
'Change the 'Automatically detect settings' box to unticked
binValue(8) = 05
'binValue(8) = 13 - Enable this line to check the box instead of uncheck
'Save the changes
objRegistry.SetBinaryValue HKCU, strRegistryKey, strRegistryValue, binValue

Unmark this post as useful.

Tags: , ,
Posted in Internet Security, VBScript | No Comments »

TMG & ISA Tools

Monday, May 23rd, 2011

Just a quick plug for Jim Harrison here, who for the third time this month has made my life easier by either collating or producing an array of useful tools for ISA and TMG.

Take a peek at http://www.isatools.org/

Also got up to date information on ISA and TMG releases. Definitely one to bookmark.

Unmark this post as useful.

Posted in Internet Security | No Comments »

Redirect Website Root to /Exchange & Correct Protocols

Friday, May 6th, 2011

Just been working on a way around one of life’s annoyances. To get to an OWA 2003 site on a Windows SBS 2003 box, I have to remember to put in https:// and remember to put /exchange at the end. It annoys me having to remember, I often forget the protocol and it wastes my time.

Today I had a chance to find a workaround for this. Turns out to be really simple.

I am using Windows Small Business Server 2003 Premium, which includes ISA 2004.

Log on to your server and open up the ISA Management Console. Select the Firewall node on the left, and look down the list for ‘SBS OWA Web Publishing Rule’.

Open up the properties and select the Bridging tab. On this tab ensure that only the ‘Redirect requests to SSL port’ is selected, along with you relevant SSL port.

Next hop back to the Paths tab. In the paths tab there wiull be three entries, one for Exchange, one for ExchWeb and one for Public. These are important and you must not edit these. Instead add a new path, with the internal name as /Exchange and an external name of /. Your window should look something like below.

Apply your changes, and test your work from a remote machine.

These instructions should also work if you have a separate ISA and Exchange server and are not running SBS.

Unmark this post as useful.

Tags: ,
Posted in Exchange, Internet Security | No Comments »

ISA 2004: Configure HTTP Greyed Out

Thursday, May 5th, 2011

To set the scene, we have just created a WSS 3 site using forms based authentication. Published it through ISA 2004. Browsed to the site and we get this error.

Following Microsoft’s guidance and information on various blogs, it suggetsed to disable the Verify Normalisation and the Block High Bit Characters options in the HTTP filter. We browsed to the rule in question, opened the Properties and selected the Trafic tab. The HTTP and HTTPS protocols are listed, but the Filtering button is disabled.

Things to check to enable this Filtering button are:

  1. Go to Configuration –> Add-Ins
  2. Ensure that the Web Proxy Filter is shown and enabled (if you have the option to disable it)
  3. Select Web Filters and ensure that the HTTP Filter is present and enabled
  4. Go to Firewall Policy and open the HTTP Protocol Properties
  5. On the Parameters tab, in the Application Filters panel ensure that Web Proxy Filter is checked.
  6. Apply your changes.

The Filtering button on the Traffic tab will now be available and the Verify Normalisation and Block High Bit Characters can be disabled.

Unmark this post as useful.

Tags: ,
Posted in Internet Security, SharePoint | No Comments »

ISA 2006: Re-design

Wednesday, April 7th, 2010

Just been working on our ISA infrastructure. We have 2 ISA servers, 1 for staff, and 1 for students. Main reason for the separate servers is that each ‘group’ have to go through a different upstream proxy server. (Bit of a pain, but that’s what we have to do.)

Simple task this morning, block a couple of sites and add a new HTTP signature in for blocking. Open up the ISA Management console and off we go.

Upon opening, I was greeted with a dozen rules and a number of separate filters. I knew that ISA performance had been suffering recently, but not really had the time to do anything about it. It looks like over time, as requirements have changed and extra sites and services needed restricting or allowing, the design of the firewall rules, and web chaining rules had become one giant mess.

Taking the opportunity of a bit of time for once, took all of the rules, deleted them and started from scratch. Managed to get 14 rules down to 3. Took a look at the web chaining rules, and reorganised them into a more logical order. Traffic is all now told to attempt to go direct to the source instead of the upstream proxy. Previously, all traffic was directed to the upstream proxy, and then told to go direct if it didn’t match a rule. (I think that makes sense!).

Other than making the whole configuration simpler (always a good feature), the re-design has had two positive side effects that weren’t planned for. ISA performance has improved by around 50%. Request times are taking half a s long to process as they were before. Also, YouTube has started working!! Something in the configuration was stopping YouTube from loading and playing videos, but in the mess of rules, we could not determine what the problem was.

Today I have determined that every so often, you need to really challenge an existing design to ensure that it is as simple, and as functional as it needs to be.

Unmark this post as useful.

Tags:
Posted in Internet Security, Server 2008 | No Comments »

ISA 2006 Word Filter

Tuesday, December 15th, 2009

Have been looking today at word filters in ISA 2006, and stumbled across this post below. I was looking for a way of ensuring that any web page containing the address of a well known games site, used for general timewasting in the college.

Anyway, found this post, implemented the filters as it described, and the dreaded games site is no more.

http://www.elmajdal.net/isaserver/Keyword_Filtering_With_ISA_Server_2006.aspx

Further information, more in depth and details on all of the configuration options can also be found on Microsoft Technet at the following address:

http://technet.microsoft.com/en-us/library/bb794829.aspx

The end of Proxy Bypass, Anonymisers and Flash Games sites!

Unmark this post as useful.

Tags:
Posted in Internet Security | 3 Comments »