«
»

Test your inline URL content filter

Following on from this post, here’s an easy way to see what your content filter does and does not check. The steps are:

  1. Visit http://wirewatcher.net/urlfiltertest/testit.aspx
  2. Check your content filter logs to make sure there’s an impression.
  3. Click the “Submit me via GET” button. The page will refresh, albeit with the same content as it had originally.
  4. Check your content filter logs to make sure there’s an impression.
  5. Click the “Submit me via POST” button. The page will refresh, albeit with the same content as it had originally.
  6. Check your content filter logs to make sure there’s an impression. If there isn’t one, then your content filter isn’t being queried for POST requests.
  7. Visit http://wirewatcher.net:50000/urlfiltertest/testit.aspx
  8. Repeat steps 2 – 6 above. If you get no pages back at all, then it’s likely that there is some degree of egress filtering going on to prevent you from seeing the page (a good thing!). If there are no log impressions on the content filter, then your content filter isn’t being queried for HTTP on nonstandard ports.

If you want to, please posts your results as comments, together with:

  • The brand of content filter software
  • The type of intermediate device that is querying the content filter (router, firewall, proxy, etc.)

This entry was posted on 29 June, 2009 at 11:42 and is filed under NSM . You can follow any responses to this entry through the RSS 2.0 feed You can leave a response, or trackback from your own site.

Leave a Reply