Windows Live\Hotmail Attachments Web Address

Posted on 2010-09-21
Medium Priority
Last Modified: 2012-05-10
Hotmail\Windows Live Attachments ('download' rather than 'view online') are filtered by my proxy server because of a rule I have set. Can anyone tell me what address is actually trying to be accessed when users click on 'download' next to an attachment?

I have many hundred rules deny accessing to domain names, wildcard rules etc etc.

Question by:Pete

Accepted Solution

Nothing_Changed earned 1000 total points
ID: 33753828
very very very broad question, this could be totally off, but I'll take a swing.

I think the simplest solution would be to connect a system outside your proxy, or put in a temporary bypass rule for one host. Connect to the desired site, download the attachment, while at the same time running a command prompt command of (assuming windows here) "netstat -a | findstr ESTAB". you may need to run it a few times, keep in mind that many connections are very transient so you might miss it the first time.

you will see a list like this:
 TCP    cmt-d630:2333      ESTABLISHED
 TCP    cmt-d630:2338          LB140.ASHB.COTENDO.NET:http  ESTABLISHED
 TCP    cmt-d630:2339          LB140.ASHB.COTENDO.NET:http  ESTABLISHED
 TCP    cmt-d630:2341          slashdot.org:http      ESTABLISHED
 TCP    cmt-d630:2343          a96-16-83-172.deploy.akamaitechnologies.com:http  ESTABLISHED
 TCP    cmt-d630:2346          a96-16-83-172.deploy.akamaitechnologies.com:http  ESTABLISHED

(ignore all of the connections to localhost, those aren't likely to be part of your problem)

look thru the list of connections that your download session spawned (not just host names but ports too, maybe its a weird port or ftp or something), then compare this list to your log in your proxy. You should be logging everything getting blocked, so you should see something in your block list that matches your netstat output, and that will be your culprit.

If you don't see anything in your proxy log, then it's probably a firewall rule blocking something. Use the same log review process and you'll find your culprit.

Author Closing Comment

ID: 33778468

Featured Post

KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Over the last year I have answered a couple of basic URL rewriting questions several times so I thought I might as well have a stab at: explaining the basics, providing a few useful links and consolidating some of the most common queries into a sing…
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
The video will let you know the exact process to import OST/PST files to the cloud based Office 365 mailboxes. Using Kernel Import PST to Office 365 tool, one can quickly import numerous OST/PST files to Office 365. Besides this, the tool also comes…
Suggested Courses

621 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question