i have tried to block all files with .exe extension with editing classifiers by adding *.exe to Banned files and sites.
using "Site"," is matched by data list" , "pattern match" , creating access rule from this.
It does not work
ex. https://www.mozilla.org/en-US/ press download button to get executable and it downloads.
How do I block this file?
thanks,
Mike
wingate 7 block *.exe
Moderator: Qbik Staff
5 posts
• Page 1 of 1
Re: wingate 7 block *.exe
by Aaron Koolen-Bourke » Sep 11 13 10:44 am
Hi Mike. There's a couple of issues here.
First, matching on SITE only matches on the domain part of the URL. So something like http://website.com/badprogram.exe would not be picked up by a site match as it would only look at website.com. What you would want is a URL match. I have tested a setup as you described with a URL match and it is blocking download of .exe files with one caveat.
As is with the mozilla example you gave, HTTPS requests pose problems. HTTPS sets up a connection between client and server and from then on the content is encrypted, which means we don't know what requests are being sent from the client browers and therefore there is no way to know if they are asking for an EXE.
WinGate 8 introduced SSL inspection which might solve your problem however. You create a certificate, enable SSL Inspection in the WWW Proxy Server and install the certificate on the client machines (Or use Active Directory policy to ship it out). Then, WinGate will be able to inspect the traffic and block traffic. Again, I have just tested this with Categories, Data List and Access Rules and I could successfully block the mozilla .exe download.
If you have current version protection you should be able to upgrade to WinGate 8 for free.
Let me know if you need any more help.
Aaron
First, matching on SITE only matches on the domain part of the URL. So something like http://website.com/badprogram.exe would not be picked up by a site match as it would only look at website.com. What you would want is a URL match. I have tested a setup as you described with a URL match and it is blocking download of .exe files with one caveat.
As is with the mozilla example you gave, HTTPS requests pose problems. HTTPS sets up a connection between client and server and from then on the content is encrypted, which means we don't know what requests are being sent from the client browers and therefore there is no way to know if they are asking for an EXE.
WinGate 8 introduced SSL inspection which might solve your problem however. You create a certificate, enable SSL Inspection in the WWW Proxy Server and install the certificate on the client machines (Or use Active Directory policy to ship it out). Then, WinGate will be able to inspect the traffic and block traffic. Again, I have just tested this with Categories, Data List and Access Rules and I could successfully block the mozilla .exe download.
If you have current version protection you should be able to upgrade to WinGate 8 for free.
Let me know if you need any more help.
Aaron
- Aaron Koolen-Bourke
- Qbik Staff
- Posts: 56
- Joined: Dec 01 10 2:48 pm
Re: wingate 7 block *.exe
by mgustavsson » Sep 19 13 7:04 pm
Hi there,
I have the same wish as Mike, deny downloads of installation files.
My question is if there are any how-to-guide for SSL Inspection so you can deny file download with specified file-extensions?
Regards,
Mikael
I have the same wish as Mike, deny downloads of installation files.
My question is if there are any how-to-guide for SSL Inspection so you can deny file download with specified file-extensions?
Regards,
Mikael
- mgustavsson
- Posts: 2
- Joined: Sep 19 13 6:56 pm
Re: wingate 7 block *.exe
by Aaron Koolen-Bourke » Sep 20 13 9:54 am
Hi Mikael.
Unfortunately we don't have any extensive documentation on SSL Inspection yet. We need to improve our resources and have been planning new videos and whitepapers to cover topics such as this. Sorry I can't be of more help but you should be able to follow the steps I mentioned and block installation files.
Feel free to ask if you have any questions.
Regards
Aaron
Unfortunately we don't have any extensive documentation on SSL Inspection yet. We need to improve our resources and have been planning new videos and whitepapers to cover topics such as this. Sorry I can't be of more help but you should be able to follow the steps I mentioned and block installation files.
Feel free to ask if you have any questions.
Regards
Aaron
- Aaron Koolen-Bourke
- Qbik Staff
- Posts: 56
- Joined: Dec 01 10 2:48 pm
Re: wingate 7 block *.exe
by mgustavsson » Sep 20 13 7:00 pm
Thanks Aaron,
Seeing forward to more documentation and instructions, and I must say that the improvement of speed versus TMG is high! For now I am just testing WinGate with a couple of users but are planning to implement WinGate on all users in near future.
Can you give me some written examples or a print screen on Best Practices for Access Rules in this matter? It would be great!
//Mikael
Seeing forward to more documentation and instructions, and I must say that the improvement of speed versus TMG is high! For now I am just testing WinGate with a couple of users but are planning to implement WinGate on all users in near future.
Can you give me some written examples or a print screen on Best Practices for Access Rules in this matter? It would be great!
//Mikael
- mgustavsson
- Posts: 2
- Joined: Sep 19 13 6:56 pm
5 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 6 guests