Firewalls - John C. Kirk
Mar. 2nd, 2006
12:56 am - Firewalls
One of the things I'm currently doing at work is configuring ISA 2004 as our firewall. Without wanting to get sidetracked into advocacy debates, all I'll say is that:
a) It's a lot better than ISA 2000.
b) It's annoying that it doesn't support more than one internet connection, so hopefully they'll fix that in ISA 2006.
Anyway, today I got hold of some blacklists (i.e. a long list of dodgy websites), and set up rules to block them. While I generally think that enumerating badness is a doomed endeavour, enumerating goodness is a bit tricky for websites, so this seems like a reasonable step (in conjunction with other rules). So, once I'd imported these lists, I then tested them, by trying to access the blocked websites on my PC. This is where typos can cause problems...
Me: "Let's see, http://www.killerporn.com/ ... aargh!"
Server: "Tum te tum, I'm blocking http://www.killerpornstars.com/ as ordered."
Me: "Ok, let's add this site to the list as well, then try that again..."
Similar problems occurred with the various permutations of "0Adult-manga.com". So, when the report gets run tonight, my traffic may look a bit dodgy tomorrow. In the sense of "My eyeballs are bleeding!"
Ah well, it's a living.
[Just to state the obvious, I don't recommend following those links, especially if you're at work!]