I know, but this is a change and the can-see hole. If I were you, I will install ISA Server 2000 in the workgroup and it can prevent somebody use some skill to hack into it and see at least the email address of somebody from the AD. A lot of people, including the Vendor, install Checkpoint firewall in the workgroup , and I ask them why, they tell me this. I think about it, it mean sense. there are some tools to find out your password whatever how long it is. Very best regards, Marrow Yung. -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Sunday, January 18, 2004 2:30 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Consultant needed http://www.ISAserver.org Given that: your most destructive enemies are on your payroll and therefore behind your firewall, that's actually a moot point. If you're concerned about deploying ISA securely, then you should quit bothering with "security by obscurity" and think in terms of those areas that you already control, like: 1. strong passwords and forced, frequent changes 2. limit internal accesses according to the real, not imagined needs of the users 3. "admin access" definitions and resulting policies Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "Marrow K.L. Yung" <marrow.yung@xxxxxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Saturday, January 17, 2004 09:18 Subject: [isalist] RE: Consultant needed http://www.ISAserver.org Somebody can have a chance to see what is in the AD.. Not a good practice in NT world already,. Very best regards, Marrow Yung. -----Original Message----- From: Marvin Cummings [mailto:marvc@xxxxxxxxxxxxx] Sent: Friday, January 16, 2004 11:12 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Consultant needed http://www.ISAserver.org Question. What kind of problems can arise from having ISA as a member of a domain? I haven't come across anything stating it should be in a workgroup. _____ From: Marrow K.L. Yung [mailto:marrow.yung@xxxxxxxxxxxxxxx] Sent: Thursday, January 15, 2004 9:02 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Consultant needed http://www.ISAserver.org I don't think it is a good practice to install DHCP and DNS server in the ISA Server 2000. ISA Server 2000 in my environment or any of the environment should be a workgroup server only as it serve as the IP pass through thing.I work in a similiar environment but DNS and DHCP server run on the same Server as the Exchange 2000, this should be better. Any one has better suggestion ? Very best regards, Marrow Yung. -----Original Message----- From: Jenifer M. Nech [mailto:Jenifer.Nech@xxxxxxxxxxxx] Sent: Friday, January 16, 2004 4:48 AM To: [ISAserver.org Discussion List] Subject: [isalist] Consultant needed http://www.ISAserver.org I need a consultant who can assist me in configuring my ISA and Exchange 2003. I am currently running ISA with caching DNS and DHCP on one box Exchange2003 on another box (also DC for time being) After my new install of ISA with caching DNS I have been having intermittent issues like: userenv 1000 slow logon All of this behavior began after this new configuration. I need someone who can troublelshoot this issue that is knowledgable in ISA and DNS. Please advise. We are committed to enabling you to obtain and maintain health and wellness naturally. _______________________________ Jenifer Nech, Systems Analyst Hotze Health & Wellness Center Physicians Preference, Inc. Premier Pharmacy, Inc. 281-579-3600 Ext 249 ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: marrow.yung@xxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: marvc@xxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: marrow.yung@xxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: marrow.yung@xxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')