Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Anonymous access in Microsoft Proxy 2.0 in WIN NT

Status
Not open for further replies.
hourang

hourang

IS-IT--Management
Feb 4, 2002
8
US
Ok heres the prob, i want to have anonymous access blocked for the in micorsoft proxy 2.0 because of the fact that i had someone using our proxy server with anonymous access and taking up our bandwidth. But when i have it disabled, no programs like real audio, aol IM, icq, mirc, etc will work on a pc. as soon as i enable anon access they work again. Why is this??? they are logging in with a valid user name and password, it gives me an authorization error or something. Is the only other way to stop people from using it by changing the html port to something other than 80?? im new to network security and need help. Thanks for any info.

Jeff
 
Sort by date Sort by votes
On the MMC, right click on the Web Proxy and click on Properties, then Permissions. I guess you’ve been here before. :)

It's been a long while since I had to set this up but I seem to remember that the default settings, even with 'Enable Access Control' enabled was that everybody could use the service so it was effectively anonymous. Two ways out of this depending on how many users you need to allow. I don't have many (just under 100) so I set the machine to allow specific, named, individuals only. You could also create a group with all the accounts in, but that's just the same effort. Once you've got a specific account name logged, you'll be able to see who's online at any given moment too. To add accounts, click Edit and add the groups, users in the usual way.

The AOL and other similar services are configured under the SOCKS section, not the Have a look at the permissions here. They are a bit more complex so I won't bother going into detail here, but should you need to, you can allow access only to specific IP addresses or ranges. If the access to the site is by account rather then general access then you need to install the PSProxy Client software on the target workstations. (Installed from the mspclnt <\\root\msp\clients>) Just run Setup! Dangerous this though, beware. If all your people have access to AOL and the like, not only do you massively increase the chances of a Virus attack through these mediums, but, as with FTP, your allowing free-range downloading of potentially dangerous, configuration challenging and downright illegal software. Do your people actualy need access to this in your corporate environment?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Ailuin
  • Locked
  • Question
Best Residential proxy provider.
Replies
1
Views
310
AvivBes
AvivBes
jim_bmx
  • Locked
  • Question
sh proxy command
Replies
0
Views
233
jim_bmx
jim_bmx
AllenH12
  • Locked
  • Question
Bandwidth in Cisco ASA 5505
Replies
2
Views
206
AllenH12
AllenH12
Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
369
Shmid
Shmid
disturbedone
  • Locked
  • Question
proxy.pac not working correctly in IE11
Replies
0
Views
83
disturbedone
disturbedone

Part and Inventory Search

Sponsor

Back
Top