Re: ISA Port 80

• From: Thor@xxxxxxxxxxxxxxx
• To: isalist@xxxxxxxxxxxxx
• Date: Thu, 16 Aug 2001 07:54:37 -0700

I don't think I'm confusing anything... It shows up in port scans of the
system, and I can establish a connection via telnet or netcat.
Port 80 is, in fact, listening.  I can't telnet to 25.  I can't telnet to
53, etc...

It shows as open and responds to requests.  Not much room for confusion
there...

----- Original Message -----
From: "Jim Harrison" <jim@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Thursday, August 16, 2001 7:25 AM
Subject: [isalist] Re: ISA Port 80


> http://www.ISAserver.org
>
>
> You're confusing the "stealth" feature of many consumer firewalls with
> server-oriented functionality of an enterprise firewall.
> 1. You can't make a service request until you have established a TCP
> connection to the server.  It the port doesn't respond to requests, then
the
> rest of the communication never happens.
> 2. ISA will evaluate the connection based on the merits of the request (or
> timeout, if none appears).  If it doesn't meet with the requirements of
the
> protocol and the restrictions you set, it's dumped.
>
> Jim Harrison
> MCP(2K), A+, Network+, PCG
>
> ----- Original Message -----
> From: <Thor@xxxxxxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Thursday, August 16, 2001 6:34 AM
> Subject: [isalist] Re: ISA Port 80
>
>
> http://www.ISAserver.org
>
>
> Yeah- I could not get far with it, though I really did not try too hard...
I
> just don't like the ISA server saying "Hey, I've got a web server over
> here!" where none exists.  As far as I am concerned, that guy should be
> _totally_ silent unless explicitly asked to serve ports...
>
> So I take it that this is "known, expected" behavior then? Anyone else
_not_
> experiencing this?
>
> ----- Original Message -----
> From: "Jim Harrison" <jim@xxxxxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Wednesday, August 15, 2001 4:51 PM
> Subject: [isalist] Re: ISA Port 80
>
>
> > http://www.ISAserver.org
> >
> >
> > No, you can telnet all day, but you'll never get anywhere, because ISA
> will
> > refuse any request that has no rule allowing it.
> >
> > Jim Harrison
> > MCP(2K), A+, Network+, PCG
> >
> > ----- Original Message -----
> > From: <Thor@xxxxxxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Wednesday, August 15, 2001 4:51 PM
> > Subject: [isalist] Re: ISA Port 80
> >
> >
> > http://www.ISAserver.org
> >
> >
> > External interface... No Web or Server publishing, no Web Listeners
> > configured at all, IIS is not even loaded.
> > Even setting up a packet filter to block 80 on the external interface
does
> > not kill it.  With all these options, one can still telnet to the
external
> > interface port 80 and connect.
> >
> > wsup wid dat?
> >
> >
> > ----- Original Message -----
> > From: "Jim Harrison" <jim@xxxxxxxxxxxx>
> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > Sent: Wednesday, August 15, 2001 4:40 PM
> > Subject: [isalist] Re: ISA Port 80
> >
> >
> > > http://www.ISAserver.org
> > >
> > >
> > > Just so we're talking about the same thing, which interface?
> > >
> > > Jim Harrison
> > > MCP(2K), A+, Network+, PCG
> > >
> > > ----- Original Message -----
> > > From: <Thor@xxxxxxxxxxxxxxx>
> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > Sent: Wednesday, August 15, 2001 3:31 PM
> > > Subject: [isalist] Re: ISA Port 80
> > >
> > >
> > > http://www.ISAserver.org
> > >
> > >
> > > That's what I was thinking, but it does not.  I never set any up in
the
> > > first place, but still verified that there is no IP listener...
> > >
> > > Any ideas?
> > >
> > > ----- Original Message -----
> > > From: "Jim Harrison" <jim@xxxxxxxxxxxx>
> > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > Sent: Wednesday, August 15, 2001 2:42 PM
> > > Subject: [isalist] Re: ISA Port 80
> > >
> > >
> > > > http://www.ISAserver.org
> > > >
> > > >
> > > > If you configure the listener "per IP" and don't select any external
> > IPs,
> > > > then port 80 should close.
> > > >
> > > > Jim Harrison
> > > > MCP(2K), A+, Network+, PCG
> > > >
> > > > ----- Original Message -----
> > > > From: <Thor@xxxxxxxxxxxxxxx>
> > > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > > Sent: Wednesday, August 15, 2001 2:33 PM
> > > > Subject: [isalist] Re: ISA Port 80
> > > >
> > > >
> > > > http://www.ISAserver.org
> > > >
> > > >
> > > > Don't I have to configure an IP to listen on?  Is there no way to
turn
> > > that
> > > > off, or is 80 always going to show open on the box (assuming I don't
> > > change
> > > > the listen port)?
> > > >
> > > >
> > > >
> > > > ----- Original Message -----
> > > > From: "Jim Harrison" <jim@xxxxxxxxxxxx>
> > > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > > Sent: Wednesday, August 15, 2001 2:02 PM
> > > > Subject: [isalist] Re: ISA Port 80
> > > >
> > > >
> > > > > http://www.ISAserver.org
> > > > >
> > > > >
> > > > > The incoming web listener is listening.
> > > > >
> > > > > Jim Harrison
> > > > > MCP(2K), A+, Network+, PCG
> > > > >
> > > > > ----- Original Message -----
> > > > > From: <Thor@xxxxxxxxxxxxxxx>
> > > > > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> > > > > Sent: Wednesday, August 15, 2001 1:52 PM
> > > > > Subject: [isalist] ISA Port 80
> > > > >
> > > > >
> > > > > http://www.ISAserver.org
> > > > >
> > > > >
> > > > > Here is another one for ya...
> > > > >
> > > > > Why is port 80 open on my ISA server, even when no publishing is
> done,
> > > and
> > > > > when IIS is not even installed?  I went as far as to put an
explicit
> > > block
> > > > > of 80, but it still shows as open on external scans, and you can
> even
> > > > telnet
> > > > > to it.
> > > > >
> > > > > Is it needed for the Web Proxy???  Who exactly is listening?
> > > > >
> > > > > ------------------------------------------------------
> > > > > You are currently subscribed to this ISAserver.org Discussion List
> as:
> > > > > jim@xxxxxxxxxxxx
> > > > > To unsubscribe send a blank email to
> > $subst('Email.Unsub')
> > > > >
> > > > >
> > > > >
> > > > > ------------------------------------------------------
> > > > > You are currently subscribed to this ISAserver.org Discussion List
> as:
> > > > thor@xxxxxxxxxxxxxxx
> > > > > To unsubscribe send a blank email to
> > $subst('Email.Unsub')
> > > >
> > > > ------------------------------------------------------
> > > > You are currently subscribed to this ISAserver.org Discussion List
as:
> > > > jim@xxxxxxxxxxxx
> > > > To unsubscribe send a blank email to
> $subst('Email.Unsub')
> > > >
> > > >
> > > >
> > > > ------------------------------------------------------
> > > > You are currently subscribed to this ISAserver.org Discussion List
as:
> > > thor@xxxxxxxxxxxxxxx
> > > > To unsubscribe send a blank email to
> $subst('Email.Unsub')
> > >
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion List as:
> > > jim@xxxxxxxxxxxx
> > > To unsubscribe send a blank email to
$subst('Email.Unsub')
> > >
> > >
> > >
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion List as:
> > thor@xxxxxxxxxxxxxxx
> > > To unsubscribe send a blank email to
$subst('Email.Unsub')
> >
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> > jim@xxxxxxxxxxxx
> > To unsubscribe send a blank email to $subst('Email.Unsub')
> >
> >
> >
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> thor@xxxxxxxxxxxxxxx
> > To unsubscribe send a blank email to $subst('Email.Unsub')
>
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
>
>
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
thor@xxxxxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » ISA Port 80
• » Re: ISA Port 80
• » Re: ISA Port 80
• » Re: ISA Port 80
• » Re: ISA Port 80
• » Re: ISA Port 80
• » Re: ISA Port 80
• » Re: ISA Port 80
• » Re: ISA Port 80
• » Re: ISA Port 80
• » Re: ISA Port 80

1. Home
2. isalist
3. Archive
4. 08-2001

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---