ISA 2006 Website Block List

  • 279 views
  • 2 minute read
Total
0
Shares
0
0
0
0
0
0
Share
0 people shared the story
0
0
0
0
0
0

One of the features in ISA Server 2006 is the ability to block traffic based on URL or Domain name. This means that traffic can be blocked for a particular website from ISA Server without disrupting the general Internet access rule.

I’ve compiled some Domain Name Sets and URL Sets from the Internet and zipped them for easy availability for ISA administrators. I’ve added this as ISA 2006 Website Block List. Download the ZIP file containing the ISA 2006 Website Block List and extract it. Under Network Objects in the Toolbox tab, right click URL Sets and click Import. Choose a single XML file from the unzipped folder of URLs. Once you have imported all XML’s, follow the same procedure for Domain Name Sets.

The next step is to create a rule which denies traffic to the websites which are listed in the ISA 2006 Website Block List XML files that we imported. Start by creating a new rule. I’ve named my rule as “Block Custom Sites”.

In the Access Rule, choose “Deny”.

Under protocols, choose HTTP and HTTPS.

Under Sources, choose Internal and VPN Clients.

Under Destinations, choose the XML lists that we imported. You can add multiple XML files.

Remember to shift the rule that we created to the top of all rules and we are done.

Note: The ZIP file contains the following XML’s:

  • Advertisement Sites Domains and URLs
  • Banned Gambling Domains & URLs
  • Online Chat Domains & URLs
  • Online Dating Domains & URLs
  • Porn Sites Domains and URLs
  • Proxies List
  • Sex Sites URLs
  • And more…

I am no longer working on updating and maintaining this list as have stopped working on ISA. Moved over to ForeFront since long.

Total
0
Shares
Share 0
Share 0
Tweet 0
Pin it 0
Share 0
Share 0
Related Tags

An expert in technology, a compelling blogger, an engaging speaker, a passionate wildlife photographer, a creative artist, and a road-trips enthusiast - I love to live at the intersection of technology, creativity, and exploration. Such dynamic blend of interests makes me a relentless learner who is always in pursuit of excellence.

51 comments

  1. It’s difficult to find experienced people on this subject, but you sound
    like you know what you’re talking about! Thanks

    Reply

  2. hi
    it’s very good learning.
    but i have a question. one site is not open in My network (User’s/Client’s). and This site Not blocking.
    this open in other network but not open in my network with ISA2006.
    may help me?
    i have good ping of this site and Ip.

    i (and My user’s) recived this Error by Isa :

    ==============================
    Network Access Message: The page cannot be displayed
    Explanation: There is a problem with the page you are trying to reach and it cannot be displayed.

    Try the following:

    Refresh page: Search for the page again by clicking the Refresh button. The timeout may have occurred due to Internet congestion.
    Check spelling: Check that you typed the Web page address correctly. The address may have been mistyped.
    Access from a link: If there is a link to the page you are looking for, try accessing the page from that link.

    If you are still not able to view the requested page, try contacting your administrator or Helpdesk.

    Technical Information (for support personnel)

    Error Code: 500 Internal Server Error. The semaphore timeout period has expired. (121)
    IP Address: 94.182.146.195
    Date: 2018/01/13 04:30:27 ق.ظ [GMT]
    Server: server2.Cco.factory
    Source: web filter
    =====================================================

    Reply

  3. Yoս need to be a part of a contest for one of the best sites on the internet.
    I will recommend this blog!

    Reply

  4. Sir, i am trying to download the “Block List Website”, after download is complete, when i extract it gives error that file is corrupted.
    Please Guide for the needfull

    Reply

  5. the is damaged
    need updated version including the new websites including youtube ,googleplus ,facebook and googlevideo

    thanks in advance

    Reply

    1. Hi,

      I’ve stopped working further on this list as I no longer work on ISA Server. Too bad that Microsoft had to bring an end to a great product and so I had to move on. Meanwhile, I’ve updated the ZIP file. Let me know if that works for you.

      Reply

  6. Hello… I don’t know if you is maintaning this site, but I have problems for download the file of blacklists in XML. Is there some problem?

    Very thanks in advance.

    Reply

      1. Hi,

        I’ve stopped working further on this list as I no longer work on ISA Server. I’ve updated the ZIP file. Let me know if that works for you.

        Reply

  7. Greetings! This is my first visit to your blog!
    We are a team of volunteers and starting a new initiative in a community in the same niche.
    Your blog provided us useful information to work on.

    You have done a marvellous job!

    Reply

  8. Dear Vishal,

    Can i add some comments in ISA Server 2006 blocked sites so that if anyone want to access the site, they must read the comments.
    Kindly guide us with snapshots.

    Thanks..
    Kind Regards.

    Reply

    1. Hi,

      You can always create custom HTML notification pages with all the instructions that you want to share. When the site is blocked, the user will see this custom error page.

      Reply

    1. You are right as for HTTPS filtering you need to monitor and analyze the HTTPS traffic. ISA’s successor Threat Management Gateway (TMG) does offer this functionality.

      Reply

      1. Dear Sir, I recently deployed isa server but is block gmail services but i dnt block it. I allowed HTTP, HTTPS and FTP Protocol also block some video extensions..
        Please tell me any solution about it

        Reply

  12. Dear sir .
    After install isa server 2006 I can block facebook and some other web site but hotmail and yahoomail not work and page not open(i am not block these site) please suggest me what i do ?

    Reply

  13. how to allow special users everything download and then deny others?
    how to block facebook and some social sites?

    Reply

  14. Can any one help me regarding client access problem in ISA Server 2006.

    After installing ISA server, Client is unable to access server 2003 and shared folder.

    How ever browsing is running at client end through ISA.

    I have also try create rules n add netbios name,dns etc.

    Can any one tell me how to create rules to access server.

    Reply

      1. I am also not accress through remote connection.

        Firewall client is also not connecting with ISA SERVER.

        but browsing is running through proxy settings in browser.

        Please suggest me the settings.

        Thanks for prompt reply.

        Reply

        1. Login to the server directly (not over RDP). Open System Policy Editor and under Remote Management configuration group, select Terminal Server. Click on Remote Management Computers and add your PC’s IP to the list. Apply the new changes and you should be able to connect over RDP now. In case, if you want to manage the server using the Management Console from your PC, repeat the same process under the Microsoft Management configuration group.

          Reply

  15. Hi dear Mr. Vishal

    I am already configured ISA Server 2006, internet controlling through IP based. I am configured four types of rules:-

    1, Fully open whole time.

    2, Limited time only

    3, Full time mail (outlooks) only.

    4, Certain time only full open.

    I want to block some site expect 1st rule, i try to below mention method.

    http://www.youtube.com/watch?v=3LYWFIuMK5M

    this method is Ok but little only work after total internet is disconnected or blocked.

    If you don’t mind please help me.

    Reply

  16. Hi Vishal

    How can we block the redirecting sites like hotmail.com redirected to login.live.com
    I have add the below sites
    *.login.live.com/login.srf
    https://*.login.live.com
    *.hotmail.com

    But if I try for hotmail.com it is browsing

    Can you please help me on this

    Thankx in advance
    Ganesh

    Reply

    1. Hi Ganesh,

      Blocking hotmail, yahoo, gmail, etc. is not easy as they use many redirects and are also accessible from various areas of their websites. The best bet here is to create a rule that checks the HTTP headers for a definate signature. Create a rule, right click and configure HTTP filter, Click on Signatures tab and click Add.

      For example, to block Live Messenger, I would add the following:

      Signature: “login.live.com”
      HTTP Header: “Host”
      Search In: Request Headers

      Reply

  17. How can i configure the ISA server to block websites via user accounts. I have added the ISA to the existing domain and i am able to see the users on the domain. The problem is that the ISA is not blocking by user accounts but by IP addresses. Can you help

    Reply

    1. Hi Javed,

      Before I can guide you on this, kindly provide more details as to how you have configured your ISA server. Are the client’s connecting using a firewall client, proxy settings or are using a direct gateway in their TCP/IP settings? Is ISA configured as a member of your Active Directory?

      Reply

    1. Yes, it is possible. What you would need to do is set a rule for HTTP and HTTPS allowing traffic to the set list of URL just above the default DENY TRAFFIC rule. Ensure that no other rule allows HTTP and HTTPS traffic.

      Reply

  21. dear sir , could you please let m eknow how to block the gmail chatting using isa server 2006.

    please help me on this

    Reply

    1. Hi Daniel,

      You can add computers or IP range and then put that in the exception list of the Blocked Sites rule.

      Reply

  23. I have successfully configured isa server 2006 and created allow rules for all users and deny rules for some of the users.

    I have installed isa server on separate server 2003 which is not configured DNS and ADS.My problem is now can access the domain server but i cannot access the client systems from isa installed syatem.I can access the share folders from domain server but can not access the shared folders from clients systems.

    I have created rule for DNS also. Allow – DNS HTTP HTTPS POB3 – all network set – external – all users But still i am facing the same problem.

    Pls advice ASAP.

    Thanks in advance.

    Reply

    1. Hi,

      Can you check the system policy and see if traffic or access from Local Host is allowed to internal network?

      Reply

  24. Hi,

    I have installed isa server 2006 and i followed above u mentioned and configured but still the users can able to access the websites.pls advice and sorry im very new for ISA servers

    Thanks

    Reply

    1. Hi,

      Have you moved the rule to the top of the list? Deny rule for websites should be the first rule in your ISA firewall rules list.

      Reply

      1. Hi thank you very much for your reply.I have finished partially because of your reply.But how to block gmail
        they can login with igoogle.com or google.com itself.I wont block google but i want to block gmail and orkut.And pls advice how to block proxy websites also.

        Thanks in advance,

        Suthakar

        Reply

    1. Most of the site list has been taken out from the Internet. There are many URL’s and Site lists which are published on the public domain. The ZIP file that I have mentioned in my post is a compilation of all these plus the ones that I had been adding up. The XML have been exported from ISA 2006.

      Reply
Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You May Also Like