Bugtraq mailing list archives

Re: Bybass HTTP ( extension files ) in ISA 2004

From: medozero () yahoo com
Date: 16 Jul 2006 10:50:41 -0000

well for those who didnot get it it is like this 
make a rule in ISA and in the role make the source is internal network and the destination is external now configure 
the HTTP policy to block specific extension like zip ok now test it try to download any file.zip y0 will have that ISA 
will prevent y0 from downloading it > now try to add # to the end of the file like file.zip# and see what will happen . 
If y0 have any comment on this plz reply . and for some ppl who think this is a scripkeddies thing it is not as it is a 
bug as i see it .

Current thread:

Bybass HTTP ( extension files ) in ISA 2004 medozero (Jul 15)
- Re: Bybass HTTP ( extension files ) in ISA 2004 Thor (Hammer of God) (Jul 17)
- <Possible follow-ups>
- RE: Bybass HTTP ( extension files ) in ISA 2004 Edward Tripovich (Jul 17)
- Re: Bybass HTTP ( extension files ) in ISA 2004 medozero (Jul 18)
  - Re: Bybass HTTP ( extension files ) in ISA 2004 Thor (Hammer of God) (Jul 19)
- Re: Bybass HTTP ( extension files ) in ISA 2004 medozero (Jul 18)