RE: Guide about PING...Faraz

From: "Periyasamy, Raj" <Raj.Periyasamy@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Date: Thu, 7 Apr 2005 11:35:28 -0400
Hi Faraz,
Yes It is a mammoth task, this link might help you,

http://www.iana.org/assignments/port-numbers

Do it only if you can minimize the impact on your network down time and
if it is really a must. If it is not something that is impacting your
network performance or is not compromising any written security policy,
I wont bother with it.


Raj Periyasamy
Systems Administrator
MCSE(Messaging), CCNA


-----Original Message-----
From: Faraz [mailto:f_hkhan@xxxxxxxxx] 
Sent: Thursday, April 07, 2005 11:27 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Guide about PING...Faraz

http://www.ISAserver.org

hello RAJ,
if i enable TCP/IP filtering on internal NIC : i have to be known all
the
ports no. even some clients make LDAP queries,messengers, and other web
softwares which have different port no., soo it is really hard to
construct the allowed port no. table.


> Faraz,
> You may try the TCP/IP packet filtering on the NIC itself, using the
NIC
> properties, TCP/IP protocol settings, Packet filtering,  for the
> internal interface, and allow only the protocols you want to reach the
> Internal interface. You can take out the ICMP. By default all
protocols
> are allowed on all interfaces, so you have to construct your own list
of
> allowed protocols, and port numbers.
> 
> 
> Regards,
> 
> Raj Periyasamy
> Systems Administrator
> MCSE(Messaging), CCNA
> 
> 
> -----Original Message-----
> From: Faraz [mailto:f_hkhan@xxxxxxxxx]=20
> Sent: Thursday, April 07, 2005 10:44 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Guide about PING...Faraz
> 
> http://www.ISAserver.org
> 
> Hi JIM,
> you are absolutely right, that is (KB article) not working...that is
not
> for stoping ICMP to ISA server itself by any internal client!
> but one thing after editing registry values do i need to restart
system?
> > There's an important point here:
> > "from the internal network to the external network"
> >=20
> > ISA isn't "external".
> > This isn't designed or expected to stop ICMP to the ISA itself.
> >=20
> > -----Original Message-----
> > From: Faraz [mailto:f_hkhan@xxxxxxxxx]=20
> > Sent: Thursday, April 07, 2005 6:49 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Guide about PING...Faraz
> >=20
> > http://www.ISAserver.org
> >=20
> > Hi, TOM
> > should i need to follow these steps? at KB article
> > "Blocking and Logging Outbound ICMP Traffic
> > To unconditionally block and log all outbound ICMP traffic that is
> sent
> > from the internal network to the external network, follow these
steps:
> "
> >=20
> > > Hi Raj,
> > >=20
> > > Yes! That's it.
> > >=20
> > > Thanks!=3D20
> > >=20
> > >=20
> > > Tom
> > > www.isaserver.org/shinder
> > > Tom and Deb Shinder's Configuring ISA Server 2004
> > > http://tinyurl.com/3xqb7
> > > MVP -- ISA Firewalls
> > >=20
> > >=20
> > > -----Original Message-----
> > > From: Periyasamy, Raj [mailto:Raj.Periyasamy@xxxxxxxxxxxx]=3D20
> > > Sent: Thursday, April 07, 2005 8:19 AM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] RE: Guide about PING...Faraz
> > >=20
> > > http://www.ISAserver.org
> > >=20
> > > Is it this one Tom?
> > >=20
> > >
> >
>
http://support.microsoft.com/default.aspx?scid=3D3Dkb;en-us;283213#XSLTH
3=
> 1
> > 2=3D
> > > 3
> > > 121123120121120120
> > >=20
> > >=20
> > > Raj Periyasamy
> > > Systems Administrator
> > > MCSE(Messaging), CCNA
> > >=20
> > >=20
> > > -----Original Message-----
> > > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]=3D20
> > > Sent: Thursday, April 07, 2005 8:52 AM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] RE: Guide about PING...Faraz
> > >=20
> > > http://www.ISAserver.org
> > >=20
> > > Hey guys,
> > >=20
> > > There used to be an article on the KB site on how to block PING
> > requests
> > > on the LAT interface of the ISA 2000 firewall. Can't seem to find
it
> > > today :(=3D20
> > >=20
> > >=20
> > > Tom
> > > www.isaserver.org/shinder
> > > Tom and Deb Shinder's Configuring ISA Server 2004
> > > http://tinyurl.com/3xqb7
> > > MVP -- ISA Firewalls
> > >=20
> > >=20
> > > -----Original Message-----
> > > From: Steve Moffat [mailto:steve@xxxxxxxxxx]=3D20
> > > Sent: Thursday, April 07, 2005 7:44 AM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] RE: Guide about PING...Faraz
> > >=20
> > > http://www.ISAserver.org
> > >=20
> > > Is your ISA returning the ping requests??
> > >=20
> > > S=3D20
> > >=20
> > > -----Original Message-----
> > > From: Faraz [mailto:f_hkhan@xxxxxxxxx]=3D20
> > > Sent: Thursday, April 07, 2005 9:29 AM
> > > To: ISA Mailing List
> > > Subject: [isalist] Guide about PING...Faraz
> > >=20
> > > http://www.ISAserver.org
> > >=20
> > > Faraz : i am in standalone environment, using ISA 2000, some
clients
> > in
> > > my internal network send their Ping Requests contineously to my
ISA
> > > server for checking that either the ISA Machine is ON or OFF, i
wana
> > > block those ping requests comming from the internal network, i
used
> > that
> > > article found at isaserver.org "How to create a packet filter for
> > > dropping ICMP Packets (Ping Requests)" and restarted all three
> > services
> > > of ISA but still can't get the rid of PING requests.....Please
guide
> > me.
> > > --------------------------
> > > Jim Harrison : Restart Service after creating packet filter.
> > > Jim Harrison : get the rid of that ISA "Allow All" rule.
> > > --------------------------
> > > Faraz : No, that is also not working i disabled that "Allow Rule"
> and
> > > also disabled my own created protocol rules and even disabled all
> the
> > IP
> > > packet filters which were created by default by ISA 2000 during
> > > installation, i only enabled that one IP packet filter as
described
> in
> > > the "How to create a packet filter for dropping ICMP Packets (Ping
> > > Requests)" which drops ICMP ping Query, and restarted all services
> of
> > > ISA 2000, but still my clients are sending me ping requests!
WHY???
> > >=20
> > > ------------------------------------------------------
> > > List Archives: =
> http://www.webelists.com/cgi/lyris.pl?enter=3D3Disalist
> > > ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=3D3DFAQ
> > > ------------------------------------------------------
> > > Other Internet Software Marketing Sites:
> > > World of Windows Networking: http://www.windowsnetworking.com
> Leading
> > > Network Software Directory: http://www.serverfiles.com
> > > No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows
> > > Security Resource Site: http://www.windowsecurity.com/ Network
> > Security
> > > Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> > > http://www.ntfaxfaq.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion List
> as:
> > > isalist@xxxxxxxxxx To unsubscribe visit
> > > http://www.webelists.com/cgi/lyris.pl?enter=3D3Disalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >=20
> > > The haggis is unusual in that it is neither consistently nocturnal
> nor
> > > diurnal, but instead is active at dawn and dusk (crepuscular),
with
> > > occasional forays forth during the day and night.=3D20
> > >=20
> > >=20
> > >=20
> > > ------------------------------------------------------
> > > List Archives: =
> http://www.webelists.com/cgi/lyris.pl?enter=3D3Disalist
> > > ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=3D3DFAQ
> > > ------------------------------------------------------
> > > Other Internet Software Marketing Sites:
> > > World of Windows Networking: http://www.windowsnetworking.com
> > > Leading Network Software Directory: http://www.serverfiles.com
> > > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > > Windows Security Resource Site: http://www.windowsecurity.com/
> > > Network Security Library: http://www.secinf.net/
> > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion List
> as:
> > > tshinder@xxxxxxxxxxxxxxxxxx
> > > To unsubscribe visit =3D
> > > http://www.webelists.com/cgi/lyris.pl?enter=3D3Disalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >=20
> > >=20
> > >=20
> > > ------------------------------------------------------
> > > List Archives: =
> http://www.webelists.com/cgi/lyris.pl?enter=3D3Disalist
> > > ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=3D3DFAQ
> > > ------------------------------------------------------
> > > Other Internet Software Marketing Sites:
> > > World of Windows Networking: http://www.windowsnetworking.com
> > > Leading Network Software Directory: http://www.serverfiles.com
> > > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > > Windows Security Resource Site: http://www.windowsecurity.com/
> > > Network Security Library: http://www.secinf.net/
> > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion List
> as:
> > > raj.periyasamy@xxxxxxxxxxxx
> > > To unsubscribe visit =3D
> > > http://www.webelists.com/cgi/lyris.pl?enter=3D3Disalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> > >=20
> > >=20
> > > ------------------------------------------------------
> > > List Archives: =
> http://www.webelists.com/cgi/lyris.pl?enter=3D3Disalist
> > > ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=3D3DFAQ
> > > ------------------------------------------------------
> > > Other Internet Software Marketing Sites:
> > > World of Windows Networking: http://www.windowsnetworking.com
> > > Leading Network Software Directory: http://www.serverfiles.com
> > > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > > Windows Security Resource Site: http://www.windowsecurity.com/
> > > Network Security Library: http://www.secinf.net/
> > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion List
> as:
> > > tshinder@xxxxxxxxxxxxxxxxxx
> > > To unsubscribe visit =3D
> > > http://www.webelists.com/cgi/lyris.pl?enter=3D3Disalist
> > > Report abuse to listadmin@xxxxxxxxxxxxx
> >=20
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > World of Windows Networking: http://www.windowsnetworking.com
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List
as:
> > jim@xxxxxxxxxxxx
> > To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >=20
> > All mail to and from this domain is GFI-scanned.
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> raj.periyasamy@xxxxxxxxxxxx
> To unsubscribe visit =
> http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
raj.periyasamy@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
RE: Guide about PING...Faraz

Other related posts:
