بستن فیلت*رشک*ن u97 و....

[mgholami]

نه همونطور که دوستمون گفتن و آقای نجاتی زاده هم توی یه پست مجزا درباره signature پکتهای تولید شده توسط این نرم افزار صحبت کردن با فایروالهایی که تا لایه 7 میتونن پکت رو بخونن میشه اینها رو بست

[pardis11]

مطمین نیستم ولی فکر کنم با Spooler بشه این کار رو کرد.

[Gitex]

این مطلب در مورد بلوک کردن u** در ISA هست.
شای کمکی بکنه (به عنوان راهنما).

UltraSurf is a hard one to block from ISA itself because it uses the local host computer through port 9666 as it’s proxy to intercept browser requests and encrypt them through 443/SSL traffic through your corporate proxy server. UltraSurf uses a network of anonymous proxies like Botnets that can change dynamically at any given time.

So how can you successfully block it? Well I don’t know if you can totally but you may be able to deter it a bit.
A few ways are:

Policy – Do you have an acceptable use policy in-place? If you do then I would think the threat of job loss and termination should be a darn good deterrent.

At the local host – Using group policy, restrict access to the local host site in IE. That would be 127.0.0.1 and Ultra1 that it resolves to. If you have the capability, restrict TCP port 9666 on the local host outbound. Setting software restriction in group policy is another to prevent the UltraSoft application from running.

On the ISA – Go to http://[URL="http://www.isaserver.bm/"]www.isaserver.bm[/URL] and download Steve’s blocking anonymous domain sets and configure a deny access rule to help block anonymous proxy access. You won’t totally stop access but the list will defiantly put a damper on accessing the most popular sites.

Collective software ClearTunnel is another ISA add-on to help uncover scrupulous activity.

Collective Software | ClearTunnel