?

Log in

No account? Create an account

Firewalls - John C. Kirk

Mar. 2nd, 2006

12:56 am - Firewalls

Previous Entry Share Next Entry

One of the things I'm currently doing at work is configuring ISA 2004 as our firewall. Without wanting to get sidetracked into advocacy debates, all I'll say is that:
a) It's a lot better than ISA 2000.
b) It's annoying that it doesn't support more than one internet connection, so hopefully they'll fix that in ISA 2006.

Anyway, today I got hold of some blacklists (i.e. a long list of dodgy websites), and set up rules to block them. While I generally think that enumerating badness is a doomed endeavour, enumerating goodness is a bit tricky for websites, so this seems like a reasonable step (in conjunction with other rules). So, once I'd imported these lists, I then tested them, by trying to access the blocked websites on my PC. This is where typos can cause problems...

Me: "Let's see, http://www.killerporn.com/ ... aargh!"
Server: "Tum te tum, I'm blocking http://www.killerpornstars.com/ as ordered."
Me: "Ok, let's add this site to the list as well, then try that again..."

Similar problems occured with the various permutations of "0Adult-manga.com". So, when the report gets run tonight, my traffic may look a bit dodgy tomorrow. In the sense of "My eyeballs are bleeding!"

Ah well, it's a living.

[Just to state the obvious, I don't recommend following those links, especially if you're at work!]

Tags: ,

Comments:

[User Picture]
From:elvum
Date:March 3rd, 2006 01:19 am (UTC)
(Link)
Doesn't it render the blacklists especially pointless if they can be circumvented by *unintentional typos*? :-)
(Reply) (Thread)
[User Picture]
From:sammoore
Date:March 3rd, 2006 05:14 pm (UTC)
(Link)
Thats the best excuse I have heard in a long time....
(Reply) (Thread)