RE: MSBLAST worm and the firewall client

  • From: "Han Valk" <Han.Valk@xxxxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Tue, 12 Aug 2003 22:26:11 +0200

Hi,

Well you know I have a wife and a little daughter using the computer but not
knowing much about it. I do educate them well but you never know .... ;)
I also have my pride as a professional system engineer, and I will never
forgive myself if I am the source of a worm, dos etc. that could have been
prevented. That's why I allow only those protocols that are necessary.

Best regards,
Han Valk.


> -----Original Message-----
> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] 
> Sent: Tuesday, August 12, 2003 22:12
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: MSBLAST worm and the firewall client
> 
> 
> http://www.ISAserver.org
> 
> 
> Hi Han,
> 
> That will stop the outbound connection to TFTP. However, if you don't
> use TFTP outbound, the principle of least privledge has saved you,
> because you only create protocol rules for the protocols 
> required. "All
> Open" access policy users beware! :-)
> 
> HTH,
> Tom
> 
> Thomas W Shinder
> www.isaserver.org/shinder 
> ISA Server and Beyond: http://tinyurl.com/1jq1
> Configuring ISA Server: http://tinyurl.com/1llp
> 
>  
> 
> 
> -----Original Message-----
> From: Han Valk [mailto:Han.Valk@xxxxxxxxxxxxxxx] 
> Sent: Tuesday, August 12, 2003 3:09 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: MSBLAST worm and the firewall client
> 
> 
> http://www.ISAserver.org
> 
> 
> Hi,
> 
> If you use snat but only allow certain protocols, tftp not 
> being one of
> them,
> you're save too aren't you?
> 
> Best regards,
> Han Valk.
> 
> 
> 
> -----Original Message-----
> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx] 
> Sent: Tuesday, August 12, 2003 20:29
> To: [ISAserver.org Discussion List]
> Subject: [isalist] MSBLAST worm and the firewall client
> 
> 
> http://www.ISAserver.org
> 
> 
> Hey folks,
> 
> Remember to whack the msblast.exe by including it in your mspclnt.ini
> files.
> Another reason to install the firewall client! :-)
> 
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe send a blank email to 
> $subst('Email.Unsub')
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: han.valk@xxxxxxxxxxxxxxx
> To unsubscribe send a blank email to 
> $subst('Email.Unsub')
> 



Other related posts: